SlideShare ist ein Scribd-Unternehmen logo

Software security

Als PPT, PDF herunterladen
J
jes_d

Software security

Technologie
1 von 30
Software Security  Software security is an idea implemented to protect software against malicious attack and other hacker risks so that the software continues to function correctly under such potential risks.  Security is necessary to provide integrity, authentication and availability.
Software Vulnerabilities  A software vulnerability is an instance of a fault in the specification, development, or configuration of software such that its execution can violate the (implicit or explicit) security policy.  Types of vulnerabilities  Buffer Overflows  Format String Vulnerabilities, etc.
Buffer overflow  A buffer overflow occurs when more data are written to a buffer than it can hold.  The excess data is written to the adjacent memory, overwriting the contents of that location and causing unpredictable results in a program.  Buffer overflows happen when there is improper validation (no bounds prior to the data being written).  It is considered a bug or weakness in the software.
An example of a buffer overflow when writing 10 bytes of data (username12) to an 8 byte buffer.
What happens when a buffer overflow occurs?  When a memory buffer overflow occurs and data is written outside the buffer, the running program may become unstable, crash or return corrupt information.  The overwritten parts of memory may have contained other important data for the running application which is now overwritten and not available to the program anymore.  Buffer overflows can even run other (malicious) programs or commands and result in arbitrary code execution.
Format String  The Format String exploit occurs when the submitted data of an input string is evaluated as a command by the application.  In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application, causing new behaviors that could compromise the security or the stability of the system.
 The Format Function is an ANSI C conversion function, like printf, fprintf, which converts a primitive variable of the programming language into a human-readable string representation(converts C data types into a string representation)  The Format String is the argument of the Format Function and is an ASCII Z string which contains text and format parameters, like: printf ("The magic number is: %dn", 1911);  The Format String Parameter, like %x %s defines the type of conversion of the format function.
 Format String attacks alter the flow of an application.  They use string formatting library features to access other memory space.  Vulnerabilities occur when user supplied data is deployed directly as formatting string input for certain C/C++ functions (e.g., fprintf, printf, sprintf, setproctitle, syslog, ...).
Cross-Site Scripting (XSS)  Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise trusted websites.  XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.  The attacker aims to execute malicious scripts in a web browser of the victim
SQL Injection (SQLi)  SQL injection is a type of an injection attack that makes it possible to execute malicious SQL statements.  These statements control a database server behind a web application.  Attackers can use SQL Injection vulnerabilities to bypass application security measures.  They can go around authentication and authorization of a web page or web application and retrieve the content of the entire SQL database.  They can also use SQL Injection to add, modify, and delete records in the database.
Malware  Malware: Any “malicious software” designed to secretly access your computer.  Types of malware can include computer viruses, worms, Trojan horses and spyware.  These malicious programs can perform a variety of different functions such as stealing, encrypting or deleting sensitive data, altering or hijacking core computing functions and monitoring users' computer activity without their permission.
 Worm is one of the malicious software which has independent structure and distribute from one computer to another by replicating automatically copies of itself via a network, without the use of infected files or human action.  It means that worms have self - replication and self-contained properties.  Self-replication means that it has the ability to copy itself and self- contained means that worm has the ability to execute without the need to attach to another program.  As an example, we can say that when a worm installed in computer system, it could send out thousands of its copies to everyone listed in computer email address book.
 Worm could have very harmful effect on systems in the network, such as could consume too much system memory or system processor (CPU) and cause many applications to stop responding.  Worms may be based on executable code, interpreted code, scripts, macros, etc. A worm typically consists of three parts: Identifier: Code used to identify possible targets, i.e.other hosts which it can try to infect. Transmitter: Code used to transfer the worm to thetargets. Payload: Code to be executed on the target. The payload is optional, and it may or may not have a damaging effect on the target
Virus is a computer program which transmits from one computer to another computer by attaching itself to another program. The program that the virus attaches itself to is one of the victim’s programs or files. There are many differentway for transmitting virus to other computers such as by sending infected file as an email attachment or by embedding copies of infected files into removable medium such as a CD,DVD or USB drive. A virus usually consists of two parts: Insertion code:this is a code which is responsible to insert a copy of the virus into other files on the infected computer. This part is obligatory for all kind viruses. Payload: this is a code which is responsible for
 Trojan horse is malicious software that can be hiding in a victim computer.  A malicious computer program that tricks users into willingly running it is also called a "Trojan horse" or simply a "Trojan".  In contrast to worm and virus, Trojans do not have their own on-board replication and spreading capability.  There are many ways for infecting victim computers by Trojans such as downloading
We categorize Trojan horse into two main groups: (i) General Trojan (ii) Remote-Access Trojan General Trojans: this type of Trojans has wide range of malicious activities. They can threaten data integrity of victim machines. They can redirect victim machines to a particular web site by replacing system files that contain URLs. They can install several malicious software on victim computers. They can even track user activities, save those information and then send it to attacker. Remote - Access Trojans: we can claim that they are the most dangerous type of Trojan. They have special capability which enable attacker to remotely control victim machine via a LAN or Internet. This type of Trojan can be instructed by attacker for malicious activities such as harvesting confidential information
 Bot–Bot is actually short for robot which is also called as Zombie.  It is a new type of malware installed into a compromised computer which can be controlled remotely by BotMaster for executing some orders through the received commands.  After the Bot code has been installed into the compromised computers, the computer becomes a Bot or Zombie.  Contrary to existing malware such as virus and worm which their main activities focus on attacking the infecting host, bots can receive commands from BotMaster and are used in distributed attack platform.
 BotMaster– BotMaster is also known as BotHerder, is a person or a group of person which control remote Bots.  Botnets - Botnets are networks consisting of large number of Bots. Botnets are created by the BotMaster to setup a private communication infrastructure which can be used for malicious activities such as Distributed Denial-of-Service (DdoS), sending large amount of SPAM or phishing mails, and other nefarious purpose . Bots infect a person’s computer in many ways. Bots usually disseminate themselves across the Internet by looking for vulnerable and unprotected computers to infect.When they find an unprotected computer, they infect it and then send a report to the BotMaster. The Bot stay hidden until they are announced by their BotMaster to perform an attack or task
The activities associated with Botnet can be classified into three parts: (1)Searching– searching for vulnerable and unprotectedcomputers. (2)Dissemination– the Bot code is distributed to the computers (targets), so the targets become Bots (3)sign-on – the Bots connect to BotMaster and become ready to receive command and control traffic.
 A Rootkit is an automated software package which can be used by hacker to mask intrusion and to gain administrative (“root”) privileges on a computer or computer network.  The main malicious activities that Rootkit can do are: Provide unauthorized access to victim computer Mask malicious resources( e.g. processes, files, open ports, registry keys) Clean logs of the victim computer system which make the trace of hacker much complicate  Rootkit usually install a handler which can remove the audit records and other records of the rootkit.
 What does It do?  A virus collects the sensitive data from the user’s computer such as financial information and passwords. It can also cause a computer to malfunction and relay spams.  How It enters a PC  Rootkit can be infected in a device either by sharing infected disks or drives. It can also be pre-installed on a purchased computer. Apart from these, when you download any software, Rootkit can enter your system, if the source is not a trusted source.
 Logic bomb : A logic bomb, also called slag code, is programming code which lies inactive until a particular piece of program logic or specific event activates it.  There are some common activators which are the arrival of a specific date or time, certain message from the programmer, creation or deletion of some specific information and even can be activated when something does not happen.
Software security
Software security

Empfohlen

Security and ethics
Security and ethicsSecurity and ethics
Security and ethics
Argie242424
 
Program and System Threats
Program and System ThreatsProgram and System Threats
Program and System Threats
Reddhi Basu
 
Remote File Inclusion
Remote File InclusionRemote File Inclusion
Remote File Inclusion
Imperva
 
The trojan horse virus
The trojan horse virusThe trojan horse virus
The trojan horse virus
HTS Hosting
 
Program Threats
Program ThreatsProgram Threats
Program Threats
guestab0ee0
 
Computer power point presentation
Computer power point presentationComputer power point presentation
Computer power point presentation
Pranjal Mishra
 
trojon horse Seminar report
trojon horse Seminar report trojon horse Seminar report
trojon horse Seminar report
NamanKikani
 
Types of malware threats
Types of malware threatsTypes of malware threats
Types of malware threats
EC-Council
 

Empfohlen

Security and ethics
Security and ethicsSecurity and ethics
Security and ethics
Argie242424
 
Program and System Threats
Program and System ThreatsProgram and System Threats
Program and System Threats
Reddhi Basu
 
Remote File Inclusion
Remote File InclusionRemote File Inclusion
Remote File Inclusion
Imperva
 
The trojan horse virus
The trojan horse virusThe trojan horse virus
The trojan horse virus
HTS Hosting
 
Program Threats
Program ThreatsProgram Threats
Program Threats
guestab0ee0
 
Computer power point presentation
Computer power point presentationComputer power point presentation
Computer power point presentation
Pranjal Mishra
 
trojon horse Seminar report
trojon horse Seminar report trojon horse Seminar report
trojon horse Seminar report
NamanKikani
 
Types of malware threats
Types of malware threatsTypes of malware threats
Types of malware threats
EC-Council
 
Computer viruses
Computer virusesComputer viruses
Computer viruses
Dark Side
 
Modern malware and threats
Modern malware and threatsModern malware and threats
Modern malware and threats
Martin Holovský
 
Ids 007 trojan horse
Ids 007 trojan horseIds 007 trojan horse
Ids 007 trojan horse
jyoti_lakhani
 
Worm
WormWorm
Worm
S.M. Towhidul Islam
 
Program security
Program securityProgram security
Program security
G Prachi
 
Ethical Hacking4
Ethical Hacking4Ethical Hacking4
Ethical Hacking4
dodontn
 
Network security and viruses
Network security and virusesNetwork security and viruses
Network security and viruses
Aamlan Saswat Mishra
 
Program security chapter 3
Program security chapter 3Program security chapter 3
Program security chapter 3
Education
 
Malware
MalwareMalware
Malware
zelkan19
 
computer security
computer securitycomputer security
computer security
Azhar Akhtar
 
A short visit to the bot zoo
A short visit to the bot zooA short visit to the bot zoo
A short visit to the bot zoo
UltraUploader
 
Malewareanalysis
Malewareanalysis Malewareanalysis
Malewareanalysis
ahmad abdelhafeez
 
Ne Course Part One
Ne Course Part OneNe Course Part One
Ne Course Part One
backdoor
 
Dickmaster
DickmasterDickmaster
Dickmaster
DickMaster1
 
Mobile Malware
Mobile MalwareMobile Malware
Mobile Malware
Martin Holovský
 
Types of attacks in cyber security
Types of attacks in cyber securityTypes of attacks in cyber security
Types of attacks in cyber security
Bansari Shah
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
Information Technology
 
Compter virus and its solution
Compter virus and its solutionCompter virus and its solution
Compter virus and its solution
Manoj Dongare
 
Introduction to trojans and backdoors
Introduction to trojans and backdoorsIntroduction to trojans and backdoors
Introduction to trojans and backdoors
jibinmanjooran
 
Security threats
Security threatsSecurity threats
Security threats
Integral university, India
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
CAS
 
MALWARE AND ITS TYPES
MALWARE AND ITS TYPES MALWARE AND ITS TYPES
MALWARE AND ITS TYPES
Sagilasagi1
 

Weitere ähnliche Inhalte

Was ist angesagt?

Ethical Hacking4
Ethical Hacking4Ethical Hacking4
Ethical Hacking4
dodontn
 
A short visit to the bot zoo
A short visit to the bot zooA short visit to the bot zoo
A short visit to the bot zoo
UltraUploader
 
Ne Course Part One
Ne Course Part OneNe Course Part One
Ne Course Part One
backdoor
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
Information Technology
 
Compter virus and its solution
Compter virus and its solutionCompter virus and its solution
Compter virus and its solution
Manoj Dongare
 
Introduction to trojans and backdoors
Introduction to trojans and backdoorsIntroduction to trojans and backdoors
Introduction to trojans and backdoors
jibinmanjooran
 

Was ist angesagt? (20)

Computer viruses
Computer virusesComputer viruses
Computer viruses
 
Modern malware and threats
Modern malware and threatsModern malware and threats
Modern malware and threats
 
Ids 007 trojan horse
Ids 007 trojan horseIds 007 trojan horse
Ids 007 trojan horse
 
Worm
WormWorm
Worm
 
Program security
Program securityProgram security
Program security
 
Ethical Hacking4
Ethical Hacking4Ethical Hacking4
Ethical Hacking4
 
Network security and viruses
Network security and virusesNetwork security and viruses
Network security and viruses
 
Program security chapter 3
Program security chapter 3Program security chapter 3
Program security chapter 3
 
Malware
MalwareMalware
Malware
 
computer security
computer securitycomputer security
computer security
 
A short visit to the bot zoo
A short visit to the bot zooA short visit to the bot zoo
A short visit to the bot zoo
 
Malewareanalysis
Malewareanalysis Malewareanalysis
Malewareanalysis
 
Ne Course Part One
Ne Course Part OneNe Course Part One
Ne Course Part One
 
Dickmaster
DickmasterDickmaster
Dickmaster
 
Mobile Malware
Mobile MalwareMobile Malware
Mobile Malware
 
Types of attacks in cyber security
Types of attacks in cyber securityTypes of attacks in cyber security
Types of attacks in cyber security
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
 
Compter virus and its solution
Compter virus and its solutionCompter virus and its solution
Compter virus and its solution
 
Introduction to trojans and backdoors
Introduction to trojans and backdoorsIntroduction to trojans and backdoors
Introduction to trojans and backdoors
 
Security threats
Security threatsSecurity threats
Security threats
 

Ähnlich wie Software security

Presentation2
Presentation2Presentation2
Presentation2
Jeslynn
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
Ardit Meti
 
Trojan backdoors
Trojan backdoorsTrojan backdoors
Trojan backdoors
seth edmond
 

Ähnlich wie Software security (20)

RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
MALWARE AND ITS TYPES
MALWARE AND ITS TYPES MALWARE AND ITS TYPES
MALWARE AND ITS TYPES
 
Mitppt
MitpptMitppt
Mitppt
 
Final malacious softwares
Final malacious softwaresFinal malacious softwares
Final malacious softwares
 
Computer crimes
Computer crimesComputer crimes
Computer crimes
 
Type of Malware and its different analysis and its types !
Type of Malware and its different analysis and its types !Type of Malware and its different analysis and its types !
Type of Malware and its different analysis and its types !
 
Presentation2
Presentation2Presentation2
Presentation2
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
 
Trojan backdoors
Trojan backdoorsTrojan backdoors
Trojan backdoors
 
System_security.pptx
System_security.pptxSystem_security.pptx
System_security.pptx
 
Types of malicious software and remedies
Types of malicious software and remediesTypes of malicious software and remedies
Types of malicious software and remedies
 
Computer viruses
Computer virusesComputer viruses
Computer viruses
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides ppt
 
TIC
TICTIC
TIC
 
Introduction to Malwares
Introduction to MalwaresIntroduction to Malwares
Introduction to Malwares
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHacking
 
INTERNET SECURITY.pptx
INTERNET SECURITY.pptxINTERNET SECURITY.pptx
INTERNET SECURITY.pptx
 
viruses.pptx
viruses.pptxviruses.pptx
viruses.pptx
 
Trojan Backdoors
Trojan BackdoorsTrojan Backdoors
Trojan Backdoors
 
Computing safety
Computing safetyComputing safety
Computing safety
 

Kürzlich hochgeladen

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 

Kürzlich hochgeladen (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 

Software security

  • 1. Software Security  Software security is an idea implemented to protect software against malicious attack and other hacker risks so that the software continues to function correctly under such potential risks.  Security is necessary to provide integrity, authentication and availability.
  • 2. Software Vulnerabilities  A software vulnerability is an instance of a fault in the specification, development, or configuration of software such that its execution can violate the (implicit or explicit) security policy.  Types of vulnerabilities  Buffer Overflows  Format String Vulnerabilities, etc.
  • 3. Buffer overflow  A buffer overflow occurs when more data are written to a buffer than it can hold.  The excess data is written to the adjacent memory, overwriting the contents of that location and causing unpredictable results in a program.  Buffer overflows happen when there is improper validation (no bounds prior to the data being written).  It is considered a bug or weakness in the software.
  • 4. An example of a buffer overflow when writing 10 bytes of data (username12) to an 8 byte buffer.
  • 5. What happens when a buffer overflow occurs?  When a memory buffer overflow occurs and data is written outside the buffer, the running program may become unstable, crash or return corrupt information.  The overwritten parts of memory may have contained other important data for the running application which is now overwritten and not available to the program anymore.  Buffer overflows can even run other (malicious) programs or commands and result in arbitrary code execution.
  • 6. Format String  The Format String exploit occurs when the submitted data of an input string is evaluated as a command by the application.  In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application, causing new behaviors that could compromise the security or the stability of the system.
  • 7.  The Format Function is an ANSI C conversion function, like printf, fprintf, which converts a primitive variable of the programming language into a human-readable string representation(converts C data types into a string representation)  The Format String is the argument of the Format Function and is an ASCII Z string which contains text and format parameters, like: printf ("The magic number is: %dn", 1911);  The Format String Parameter, like %x %s defines the type of conversion of the format function.
  • 8.  Format String attacks alter the flow of an application.  They use string formatting library features to access other memory space.  Vulnerabilities occur when user supplied data is deployed directly as formatting string input for certain C/C++ functions (e.g., fprintf, printf, sprintf, setproctitle, syslog, ...).
  • 9. Cross-Site Scripting (XSS)  Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise trusted websites.  XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.  The attacker aims to execute malicious scripts in a web browser of the victim
  • 10.
  • 11. SQL Injection (SQLi)  SQL injection is a type of an injection attack that makes it possible to execute malicious SQL statements.  These statements control a database server behind a web application.  Attackers can use SQL Injection vulnerabilities to bypass application security measures.  They can go around authentication and authorization of a web page or web application and retrieve the content of the entire SQL database.  They can also use SQL Injection to add, modify, and delete records in the database.
  • 12.
  • 13. Malware  Malware: Any “malicious software” designed to secretly access your computer.  Types of malware can include computer viruses, worms, Trojan horses and spyware.  These malicious programs can perform a variety of different functions such as stealing, encrypting or deleting sensitive data, altering or hijacking core computing functions and monitoring users' computer activity without their permission.
  • 14.
  • 15.
  • 16.  Worm is one of the malicious software which has independent structure and distribute from one computer to another by replicating automatically copies of itself via a network, without the use of infected files or human action.  It means that worms have self - replication and self-contained properties.  Self-replication means that it has the ability to copy itself and self- contained means that worm has the ability to execute without the need to attach to another program.  As an example, we can say that when a worm installed in computer system, it could send out thousands of its copies to everyone listed in computer email address book.
  • 17.  Worm could have very harmful effect on systems in the network, such as could consume too much system memory or system processor (CPU) and cause many applications to stop responding.  Worms may be based on executable code, interpreted code, scripts, macros, etc. A worm typically consists of three parts: Identifier: Code used to identify possible targets, i.e.other hosts which it can try to infect. Transmitter: Code used to transfer the worm to thetargets. Payload: Code to be executed on the target. The payload is optional, and it may or may not have a damaging effect on the target
  • 18. Virus is a computer program which transmits from one computer to another computer by attaching itself to another program. The program that the virus attaches itself to is one of the victim’s programs or files. There are many differentway for transmitting virus to other computers such as by sending infected file as an email attachment or by embedding copies of infected files into removable medium such as a CD,DVD or USB drive. A virus usually consists of two parts: Insertion code:this is a code which is responsible to insert a copy of the virus into other files on the infected computer. This part is obligatory for all kind viruses. Payload: this is a code which is responsible for
  • 19.  Trojan horse is malicious software that can be hiding in a victim computer.  A malicious computer program that tricks users into willingly running it is also called a "Trojan horse" or simply a "Trojan".  In contrast to worm and virus, Trojans do not have their own on-board replication and spreading capability.  There are many ways for infecting victim computers by Trojans such as downloading
  • 20. We categorize Trojan horse into two main groups: (i) General Trojan (ii) Remote-Access Trojan General Trojans: this type of Trojans has wide range of malicious activities. They can threaten data integrity of victim machines. They can redirect victim machines to a particular web site by replacing system files that contain URLs. They can install several malicious software on victim computers. They can even track user activities, save those information and then send it to attacker. Remote - Access Trojans: we can claim that they are the most dangerous type of Trojan. They have special capability which enable attacker to remotely control victim machine via a LAN or Internet. This type of Trojan can be instructed by attacker for malicious activities such as harvesting confidential information
  • 21.
  • 22.  Bot–Bot is actually short for robot which is also called as Zombie.  It is a new type of malware installed into a compromised computer which can be controlled remotely by BotMaster for executing some orders through the received commands.  After the Bot code has been installed into the compromised computers, the computer becomes a Bot or Zombie.  Contrary to existing malware such as virus and worm which their main activities focus on attacking the infecting host, bots can receive commands from BotMaster and are used in distributed attack platform.
  • 23.  BotMaster– BotMaster is also known as BotHerder, is a person or a group of person which control remote Bots.  Botnets - Botnets are networks consisting of large number of Bots. Botnets are created by the BotMaster to setup a private communication infrastructure which can be used for malicious activities such as Distributed Denial-of-Service (DdoS), sending large amount of SPAM or phishing mails, and other nefarious purpose . Bots infect a person’s computer in many ways. Bots usually disseminate themselves across the Internet by looking for vulnerable and unprotected computers to infect.When they find an unprotected computer, they infect it and then send a report to the BotMaster. The Bot stay hidden until they are announced by their BotMaster to perform an attack or task
  • 24.
  • 25. The activities associated with Botnet can be classified into three parts: (1)Searching– searching for vulnerable and unprotectedcomputers. (2)Dissemination– the Bot code is distributed to the computers (targets), so the targets become Bots (3)sign-on – the Bots connect to BotMaster and become ready to receive command and control traffic.
  • 26.  A Rootkit is an automated software package which can be used by hacker to mask intrusion and to gain administrative (“root”) privileges on a computer or computer network.  The main malicious activities that Rootkit can do are: Provide unauthorized access to victim computer Mask malicious resources( e.g. processes, files, open ports, registry keys) Clean logs of the victim computer system which make the trace of hacker much complicate  Rootkit usually install a handler which can remove the audit records and other records of the rootkit.
  • 27.  What does It do?  A virus collects the sensitive data from the user’s computer such as financial information and passwords. It can also cause a computer to malfunction and relay spams.  How It enters a PC  Rootkit can be infected in a device either by sharing infected disks or drives. It can also be pre-installed on a purchased computer. Apart from these, when you download any software, Rootkit can enter your system, if the source is not a trusted source.
  • 28.  Logic bomb : A logic bomb, also called slag code, is programming code which lies inactive until a particular piece of program logic or specific event activates it.  There are some common activators which are the arrival of a specific date or time, certain message from the programmer, creation or deletion of some specific information and even can be activated when something does not happen.