COMPUTER WORMS
Pondicherry University
By: SADIQUE NAYEEM
Worms
• A worm is a program that uses computer networks and security holes to replicate itself.
• It scans the network for another machine that has a specific security hole and copies itself to that machine.
• Worms use up computer processing time and network bandwidth during replication.
• They carry payloads that do considerable damage.
Virus v/s Worm

Virus
• Attaches itself to the OS or to programs.
• Needs user action to abet its propagation.
• Damage caused is mostly local to the machine.
• Spreads quite slowly.

Worm
• Does not attach itself to the OS.
• Self-propagates across a network by exploiting security holes in widely used services.
• Harms the network and consumes network bandwidth.
• Spreads much more rapidly. Ex.: SQL Slammer worm, 75,000 victims within ten minutes.
Mechanism of Operation
CLASSIFICATION
• Target discovery
• Carrier
• Activation
• Payloads
I. Target Discovery
• Scanning
  - Scanning entails probing a set of addresses to identify vulnerable hosts (in sequential or random order).
• Pre-generated target lists
• Externally generated target lists
  - A target list maintained on a server (metaserver).
• Internal target lists
  - Network-based applications always contain information about other hosts.
• Passive
  - Does not actively search for victim hosts; it waits for potential victims to make contact and produces no abnormal traffic.
  - More stealthy.
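
Added example, not part of the original slides: a minimal detector for the scanning behaviour described above, run over constructed connection records (documentation-range addresses; all thresholds are assumptions). It flags sources whose connections fail against many distinct addresses and labels the probe order as sequential or random; a passive worm, which produces no abnormal traffic, would not show up in this kind of check.

```python
import ipaddress
from collections import defaultdict


def sample_flows():
    """Constructed records: (source, destination, connection_succeeded)."""
    flows = []
    # Source .10 walks a subnet address by address (sequential form).
    for i in range(1, 41):
        flows.append(("192.0.2.10", f"198.51.100.{i}", False))
    # Source .20 probes addresses in no particular order (random form).
    octets = [77, 3, 190, 45, 221, 12, 160, 98, 5, 240,
              133, 61, 19, 201, 88, 150, 34, 117, 250, 9,
              172, 66, 143, 27, 209, 54, 101, 183, 40, 230]
    for o in octets:
        flows.append(("192.0.2.20", f"203.0.113.{o}", False))
    # Source .30 is an ordinary client: few peers, connections succeed.
    for o in (5, 6, 7, 5, 6):
        flows.append(("192.0.2.30", f"198.51.100.{o}", True))
    return flows


def detect_scanners(flows, min_targets=20, min_fail_ratio=0.8, seq_ratio=0.8):
    """Return {source: "sequential" | "random"} for sources that look like scanners.

    A source is flagged when it contacts at least `min_targets` distinct
    addresses and at least `min_fail_ratio` of its connections fail.
    The probe order is "sequential" when at least `seq_ratio` of the
    consecutive probes go to the next address up.
    """
    per_source = defaultdict(list)
    for src, dst, succeeded in flows:
        per_source[src].append((int(ipaddress.ip_address(dst)), succeeded))

    verdicts = {}
    for src, events in per_source.items():
        targets = [dst for dst, _ in events]
        failed = sum(1 for _, succeeded in events if not succeeded)
        if len(set(targets)) < min_targets:
            continue  # too few distinct peers to call it a scan
        if failed / len(events) < min_fail_ratio:
            continue  # mostly successful connections: normal traffic
        steps = list(zip(targets, targets[1:]))
        plus_one = sum(1 for prev, nxt in steps if nxt == prev + 1)
        verdicts[src] = "sequential" if plus_one / len(steps) >= seq_ratio else "random"
    return verdicts


if __name__ == "__main__":
    for source, pattern in sorted(detect_scanners(sample_flows()).items()):
        print(f"{source}: scanning detected, {pattern} probe order")
```
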
II. Propagation Carriers
• Two basic types
  - Actively spreads itself machine by machine (self-carried).
  - Is carried along with normal communication.
• Second channel
  - Needs a second communication channel.
• Embedded
  - Either appends to or replaces normal messages, and is very difficult to detect.
III. Activation
• Human activation (slowest worm activation method)
  - Tries to convince people by using social engineering techniques
  - Indicating urgency: "Attached is an important message for you"
  - Using people's vanity: "Open this message to see who loves you"
• Human activity-based activation
  - Resetting the machine
  - Logging in
  - Opening a remotely infected file
• Scheduled process activation
  - Auto-updater programs
• Self activation (fastest worm activation)
  - Worms attach themselves to running services
IV. Payloads
• A "payload" is code in the worm designed to do more than spread the worm.
• None/nonfunctional (Morris worm)
• Internet remote control (Code Red II)
• Spam relays (Sobig.f)
• Internet DoS (Code Red, Yaha)
• Data collection (targets sensitive data; identity theft)
• Data damage (erases data)
• Physical-world damage
  - Reflashing the BIOS
  - Destroying the motherboard
Work of Payloads
• Delete files
• Encrypt files
• Send documents via e-mail
• Install a "backdoor" in the infected computer to allow the creation of a "zombie" computer under control of the worm author. Networks of such machines are often referred to as botnets.
Prevalence Table – November 2011

Malware Type                   %
Autorun Worm                   8.08%
Heuristic/generic Worm         5.13%
Conficker/Downadup Worm        2.85%
VB Worm                        2.12%
Dorkbot Worm                   1.46%

According to VIRUS BULLETIN (www.virusbtn.com), JANUARY 2012
Motivation
• Experimental curiosity (Morris worm)
• Pride
• Extortion and criminal gain
• Random protest
• Political protest
• Terrorism
• Cyber warfare
Morris worm
• Launched on November 2, 1988 from MIT, by Robert Morris.
• Designed to spread on UNIX systems.
• Infected 6000 computers out of the 60000 computers at that time (i.e. 10%).
• The U.S. GAO (Government Accountability Office) put the cost of the damage at $10M–100M.
• He was convicted in the US under the 1986 Computer Fraud and Abuse Act.
Code Red
• Made huge headlines in 2001.
• It slowed down Internet traffic when it began to replicate itself.
• The worm scanned the Internet for unpatched Windows NT or Windows 2000 servers.
• The Code Red worm had instructions to do three things:
  - Replicate itself for the first 20 days of each month.
  - Replace Web pages with a page featuring the message "Hacked by Chinese".
  - Launch a concerted attack on the White House Web site.
• The U.S. government changed the IP address of www.whitehouse.gov (198.137.240.91).
Nimda
• The worm was released on September 18, 2001.
• It became the Internet's most widespread virus/worm within 22 minutes.
• Nimda affected both user workstations (clients) running Windows 95, 98, Me, NT, 2000 or XP and servers running Windows NT and 2000.
• Nimda spread by five different infection vectors:
  - via email
  - via open network shares
  - via browsing of compromised web sites
  - via back doors left behind by the "Code Red II" and "sadmind/IIS" worms.
SQL Slammer worm
• Started on January 25, 2003. It spread rapidly, infecting most of its 75,000 victims within ten minutes.
• Although titled "SQL Slammer worm", the program did not use the SQL language.
• It exploited a buffer overflow bug in Microsoft's SQL Server.
• Slammer was a tiny (376-byte) program.
Sobig.f Worm
• In late 2003, the Sobig.f worm exploited open proxy servers to turn infected machines into a spam engine.
• The Sobig worm appears as an e-mail with one of the following subjects: Re: Approved, Re: Details, Re: My details, Re: Thank you!, Re: That movie, etc.
• It contains the text "See the attached file for details" and has attachments such as application.pif, details.pif, movie0045.pif, etc.
• At its peak, Sobig.f reportedly accounted for 1 in every 17 messages.
• It produced more than one million copies of itself within the first 24 hours.
• It was written using the Microsoft Visual C++ compiler.
Prevention
How can I prevent viruses, trojans, worms and malware from getting onto my system?
• Careful web browsing
• E-mail safety
• Keep protection tools up to date
• Review software being installed
• Monitor your child's computer usage
Current Research Focus
• Modelling: to model worm propagation
• Scanning techniques
  - Sequential scanning
  - Hit-list-based scanning
  - Permutation scanning
  - Preferential subnet scanning
• Propagation mechanisms
• Prevention techniques
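
Added example, not part of the original slides: the simple epidemic (logistic) model often used for a random-scanning worm, carried through in Python to show how propagation modelling estimates the time available to respond. The vulnerable population reuses the 75,000 figure from the SQL Slammer slide; the scan rate, the single initial infection and the patched fraction are constructed assumptions, not measurements.

```python
import math

ADDRESS_SPACE = 2 ** 32  # IPv4 addresses a uniformly random scanner draws from

# Model: each infected host probes `scan_rate` random addresses per second.
# A probe finds a vulnerable, not yet infected host with probability
# (n_vuln - I) / ADDRESS_SPACE, so
#     dI/dt = scan_rate * I * (n_vuln - I) / ADDRESS_SPACE
# which is the logistic equation with growth constant
#     k = scan_rate * n_vuln / ADDRESS_SPACE.


def growth_constant(n_vuln, scan_rate):
    return scan_rate * n_vuln / ADDRESS_SPACE


def closed_form_infected(t, n_vuln, scan_rate, i0=1.0):
    """Infected hosts at time t (seconds) from the logistic solution."""
    k = growth_constant(n_vuln, scan_rate)
    return n_vuln / (1.0 + (n_vuln / i0 - 1.0) * math.exp(-k * t))


def time_to_fraction(frac, n_vuln, scan_rate, i0=1.0):
    """Seconds until `frac` of the vulnerable population is infected."""
    k = growth_constant(n_vuln, scan_rate)
    return math.log((n_vuln / i0 - 1.0) / (1.0 / frac - 1.0)) / k


def simulate_time_to_fraction(frac, n_vuln, scan_rate, i0=1.0, dt=0.01):
    """Same quantity by stepping the differential equation (Euler method)."""
    infected, t = float(i0), 0.0
    target = frac * n_vuln
    while infected < target:
        infected += scan_rate * infected * (n_vuln - infected) / ADDRESS_SPACE * dt
        t += dt
    return t


if __name__ == "__main__":
    n_vuln = 75_000     # vulnerable hosts (figure from the Slammer slide)
    scan_rate = 4_000   # probes per second per infected host (constructed)

    print("time to 90% infected, closed form: "
          f"{time_to_fraction(0.9, n_vuln, scan_rate):7.1f} s")
    print("time to 90% infected, simulated:   "
          f"{simulate_time_to_fraction(0.9, n_vuln, scan_rate):7.1f} s")

    # Defender's view: patching half of the vulnerable hosts halves k,
    # which roughly doubles the time the worm needs to saturate.
    print("same, with half the hosts patched: "
          f"{time_to_fraction(0.9, n_vuln // 2, scan_rate):7.1f} s")
```
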
References
1. VIRUS BULLETIN (www.virusbtn.com), JANUARY 2012
2. A Taxonomy of Computer Worms, WORM'03, October 27, 2003, Washington, DC, USA.
3. www.vxheavens.com
4. www.wikipedia.com
5. www.howstuffworks.com
6. Network Security Essentials - William Stallings
