280 likes | 454 Views
Community service college in mahd al dahab كلية المجتمع بالمهد Viruses, Worms and Trojan horse. PREPERARED BY: AHMED YOUNES SHDEFAT YOUNES IBRAHEM GELY . Outline. Definitions. Historical view. Types of Malicious Software . Impacts of Malicious Software . Prevention. References.
E N D
Community service college in mahd al dahabكلية المجتمع بالمهدViruses, Worms and Trojan horse PREPERARED BY:AHMED YOUNES SHDEFAT YOUNES IBRAHEM GELY
Outline • Definitions. • Historical view. • Types ofMalicious Software. • Impacts ofMalicious Software. • Prevention. • References.
Definitions • System security means protecting information systems, services and resources from unauthorized access, use, view, modification, recording or destruction. • For the individual, system security has a significant effect on privacy, which is viewed very differently in different cultures.
Definitions Viruses, Worms, and Trojan Horses • Malicious software can be inserted onto a host to damage or corrupt a system by denying access to networks, systems, or services. • They have the ability to replicate themselves. • Common names for this type of software are worms, viruses, and Trojan horses. • There are three main factors in order to distinguish between them: • The way of distribution. • The type of damage. • Standard symptoms for recognition.
Computer Virus • Computer virus is a computer program that could make copies of itself or attach itself to other executable codes in order to infect a computer. • The infection take place when the user trigger the virus by clicking on it or the executable file that contain the virus. • A virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.
Computer Worms • Computer Worms is a self-replicating malware computer program. It uses a computer network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. • This is due to security shortcomings on the target computer. Unlike a virus, it does not need to attach itself to an existing program. • Worms always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost corrupt or modify files on a targeted computer.
Trojan Horse • Computer Trojan horse is a standalone malicious program that appears to perform a desirable function for the user prior to run or install but instead of that it facilitates unauthorized access of the user's computer system. • “It is a harmful piece of software that looks useful and legal program ,Users are typically tricked into loading and executing it on their systems”. • Trojan horse may open a closed port inside your system and let the intruders to enter into your system.
Historical View of Viruses • The first academic work on the theory of computer viruses (although the term "computer virus" was not used at that time) was done in 1949 by John von Neumann who held lectures at the University of Illinois about the “The Theory and Organization of Complicated Automata“ • In 1984 Fred Cohen from the University of Southern California wrote his paper "Computer Viruses - Theory and Experiments".It was the first paper to explicitly call a self-reproducing program a "virus“.
Historical View of Viruses • In 1971 the first virus has appeared as experimental self-replicating program called “Creeper virus”. • The first personal computer virus was created in 1981 by Richard Skrenta , the virus called "Elk Cloner.
Historical View of Worms • The 1988 Internet worm was not the first program of its type, nor (alas) was it the last. Here is a brief description of other historical worms. • The term "worm" actually comes from a science fiction story called The Shockwave Rider written by John Brunner in 1975. In short, the story is about a totalitarian government that controls its citizens through a powerful computer network. A freedom fighter infests this network with a program called a "tapeworm" forcing the government to shut down the network, thereby destroy its base of power.
Historical View of Worms • Morris worm or Internet worm It was written by a student in 1988 at Cornell University, Robert Tappan Morris
Historical View of Trojan Horse • The term is derived from the Trojan Horse story in Greek mythology “Iliad and Odyssey” the Trojan horse made of wood had employed to open the castle gates by presenting itself as harmless, useful gift. • The same idea with using computer Trojan horse which it presents itself as useful software in order to persuade victims to install them on their computers (just as the Trojans were tricked into taking the Trojan Horse inside their gates.)
Virus types • Types According to distribution methods: • File infects only executable file those with extension .EXE, .COM, etc. some virus destroy data files while the others with an intention of spreading by infecting only the executable files • Boot reside in the boot sector of the disk and spread by coping onto the boot sector of all the floppies used on the machine. These virus infect a system only when the system is booted from a infected floppy or disk
Virus types • Types According to Attack methods • DOS Viruses • Windows Viruses • Script Viruses • Java Viruses
Worm Types • Email Worms • Instant Messaging Worms • Internet Worms • IRC (Internet relay chat) Worms • File-sharing Networks Worms
Trojan horse types • The Remote Administration Trojan Horse Virus • gain full control over the infected system • The File Serving Trojan Horse Virus • create a file server on the infected machine • Distributed Denial of Service Attack Trojan Horse Virus • Keylogging Trojan Horse Virus • The Password Stealing Trojan Horse Virus • The System Killing Trojan Horse Virus • Trojan.Killfiles.904
Impacts of Malicious Software • Privacy violation. • Access restricted information. • Lose of identity. • Record all of your keystrokes and get your passwords. • Lose of data(Unavailability of vital data). • Lose of money.
Impacts of Malicious Software • Times consuming in order to get the data back by compare it with the backup. • Lose customer trust(losing of reputation). • Denial of service (DoS). • Generate large volumes of unwanted traffic, slowing down the entire system.
Prevention- Good Computer Security Practices • Secure your own personal computer physically. There are at least three layers of physical security: • Environmental design for working location. • Mechanical, electronic and procedural access control. • Personnel Identification. • Intrusion detection. • alarms, security lighting, security guard patrols or Video monitoring (closed-circuit television (CCTV)), to make it likely that attacks will be noticed.
Prevention- Good Computer Security Practices • Enable the firewall on your system. • Prevents intruders from accessing services on your system. • Validates/normalizes network traffic. • May provide reports about trend analysis. • Available for all major operating systems – usually for free! • Don’t keep restricted data (like uses accounts passwords) on portable devices (like external hard disk, CD/DVD, flash memory ….etc).
Prevention- Good Computer Security Practices • Back-up your data. • Make backups as a regular task, ideally at least once a day. • Backup data to removable media such as portable hard drives, CDs, DVDs, or a USB memory stick. • Store backup media safely and separately from the equipment. Remember, your data is valuable… don’t keep your backups in the same physical location as your computer! .
Prevention- Good Computer Security Practices • Use cryptic passwords that can’t be easily guessed and protect your passwords - don’t write them down and don’t share them! • In general it’s better to be composed of 8 or more characters and includes letters, numbers and 2 special characters, including !@#$%^&.-+-=|]{}:”. • Not based on any word in dictionary from any language. • Changes regularly; not shared.
Prevention- Good Computer Security Practices • Make sure your computer has anti-virus, anti-spyware and firewall protection as well as all necessary security patches. • Stops viruses, Trojans and worms sent by email, attachments, downloads, etc. • Detects malicious software through intelligent heuristics. • Available for all major desktop and server operating systems. • It’s A requirement not an option.
Prevention- Good Computer Security Practices • Don’t install unknown or unsolicited programs on your computer. • Practice safe e-mailing • Don’t open, forward, or reply to suspicious e-mails • Don’t open e-mail attachments or click on website addresses • Delete spam
Prevention- Good Computer Security Practices • Practice safe Internet use • Don’t access any site on the internet could be tracked back to your name and location. • Don’t access sites with questionable content often results in spam or release of viruses. • Don’t download unknown or unsolicited programs! • Lock your screen • <ctrl> <alt> <delete> <enter> Or <> <L>
References • von Neumann, John (1966). "Theory of Self-Reproducing Automata". Essays on Cellular Automata (University of Illinois Press): 66–87. Retrieved June 10., 2010. • Burger, Ralph, 1991. Computer Viruses and Data Protection, pp. 19-20 • Cohen, Fred (1984), Computer Viruses - Theory and Experiments • JussiParikka(2007) "Digital Contagions. A Media Archaeology of Computer Viruses", Peter Lang: New York. Digital Formations-series. ISBN 978-0-8204-8837-0, p. 50
References • Szor, Peter (2005). The Art of Computer Virus Research and Defense. Boston: Addison-Wesley. ISBN 0-321-30454-3. • Sellke, S. H.; Shroff, N. B.; Bagchi, S. (2008). "Modeling and Automated Containment of Worms". IEEE Transactions on Dependable and Secure Computing5 (2): 71–86. • Brunner, John (1975). The Shockwave Rider. New York: Ballantine Books. ISBN 0060105593.