Malware and security

Malware
- General misconception among people
- Malware = “malicious software”
- Malware is any kind of unwanted software that is installed without your consent on your computer.
- Viruses, worms, Trojan horses, bombs, spyware, adware are subgroups of malware.
Gurbakash Phonsa 2
Classification of malware
- Malware can be classified into several categories, depending on propagation and concealment
- Propagation
  - Virus: human-assisted propagation (e.g., opening an email attachment)
  - Worm: automatic propagation without human assistance
- Concealment
  - Rootkit: modifies the operating system to hide its existence
  - Trojan: provides desirable functionality but hides malicious operation
- Various types of payloads, ranging from annoyance to crime
  - Malware for stealing information: spyware, keyloggers, screen scrapers
  - Malware for profit: dialers, scareware, ransomware
Computer Viruses
- A computer virus is computer code that can replicate itself by modifying other files or programs to insert code that is capable of further replication.
- This self-replication property is what distinguishes computer viruses from other kinds of malware, such as logic bombs.
- Another distinguishing property of a virus is that replication requires some type of user assistance, such as clicking on an email attachment or sharing a USB drive.
Viruses
- A virus tries to infect a carrier and then relies on that carrier to spread the virus around.
- A computer virus is a program that can replicate itself and spread from one computer to another.
Biological Analogy
- Computer viruses share some properties with biological viruses.
Figure: the stages of the analogy as drawn on the slide: attack, penetration, replication and assembly, release.
Virus Phases
- Dormant phase. During this phase the virus just exists: it is lying low and avoiding detection.
- Propagation phase. During this phase the virus is replicating itself, infecting new files on new systems.
- Triggering phase. In this phase some logical condition causes the virus to move from the dormant or propagation phase to performing its intended action.
- Action phase. In this phase the virus performs the malicious action it was designed to perform, called the payload.
- This action could be something seemingly innocent, like displaying a silly picture on a computer’s screen, or something quite malicious, such as deleting all essential files on the hard drive.
Defenses Against Viruses
Virus signature: experts study the infected files looking for code fragments that are unique to the particular computer virus. Once they have located such a set of characteristic instructions, they can construct a character string that uniquely identifies this virus. This character string is known as a signature for the virus; it amounts to a kind of digital fingerprint.
Virus detection software packages have to be updated frequently, so that they are always using the most up-to-date database of virus signatures.
Computer Worms
- A computer worm is a malware program that spreads copies of itself without the need to inject itself into other programs, and usually without human interaction.
- Thus, computer worms are technically not computer viruses (since they don’t infect other programs), but some people nevertheless confuse the terms, since both spread by self-replication.
- In most cases, a computer worm will carry a malicious payload, such as deleting files or installing a backdoor.
Worm Propagation
- Worms propagate by finding and infecting vulnerable hosts.
- They need a way to tell if a host is vulnerable.
- They need a way to tell if a host is already infected.
Figure: propagation diagram starting from the initial infection.
Worms
- The terms worm and virus are commonly interchanged in the media.
- In reality a worm is more dangerous than a virus.
- User propagation vs. self propagation.
- A worm is designed to replicate itself and disperse throughout the user’s network.
- Email worms and Internet worms are the two most common types of worm.
Email Worm
- An email worm goes into a user’s contact/address book and chooses every user in that contact list.
- It then copies itself into an attachment; when the recipient opens the attachment, the process starts over again!
- Video example: I LOVE YOU WORM
Internet Worms
- An Internet worm is designed to be inconspicuous to the user.
- The worm scans the computer for open Internet ports through which it can download itself onto the computer.
- Once inside the computer, the worm scans the Internet to infect more computers.
Insider Attacks
- An insider attack is a security breach that is caused or facilitated by someone who is a part of the very organization that controls or builds the asset that should be protected.
- In the case of malware, an insider attack refers to a security hole that is created in a software system by one of its programmers.
Logic Bombs
- A logic bomb is a program that performs a malicious action as a result of a certain logic condition.
- The classic example of a logic bomb is a programmer coding up the software for a payroll system who puts in code that makes the program crash should it ever process two consecutive payrolls without paying him.
- Another classic example combines a logic bomb with a backdoor, where a programmer puts in a logic bomb that will crash the program on a certain date.
Scareware
- Software
  - with malicious payloads, or of limited or no benefit
  - sold by social engineering to cause shock, anxiety, or the perception of a threat
- Rapidly increasing
  - Anti-Phishing Working Group: the number of scareware packages rose from 2,850 to 9,287 in the 2nd half of 2008.
  - In the 1st half of 2009, the APWG identified a 583% increase in scareware programs.
  - A 2010 study by Google found 11,000 domains hosting fake anti-virus software, accounting for 50% of malware delivered via Internet advertising.
Trojan Horses
- A Trojan horse (or Trojan) is a malware program that appears to perform some useful task, but which also does something with negative consequences (e.g., launches a keylogger).
- Trojan horses can be installed as part of the payload of other malware but are often installed by a user or administrator, either deliberately or accidentally.
Trojans
- Trojan horse: a program or piece of software designed to look like a useful or legitimate file.
- Once the program is installed and opened, it steals information or deletes data.
- Compared to other types of malware, a Trojan horse usually runs only once and is then done functioning.
Trojans cont.
- Some create back-door effects.
- Another way Trojans are distributed is by infecting a server that hosts websites.
- Downfall of Trojans: very reliant on the user.
- Video example: Netural Zlob Trojan
Current Trends
- Trojans currently have the largest infection potential
- Often exploit browser vulnerabilities
- Typically used to download other malware in multi-stage attacks
Source: Symantec Internet Security Threat Report, April 2009
Rootkit
- A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications.
- The emphasis is on hiding information from administrators’ view, so that the malware is not detected
  - E.g., hiding processes, files, open network connections, etc.
- Example: the Sony BMG copy protection rootkit scandal
  - In 2005, Sony BMG included Extended Copy Protection on music CDs; it was automatically installed on Windows when the CDs were played.
Rootkits
- A rootkit modifies the operating system to hide its existence
  - E.g., modifies file system exploration utilities
  - Hard to detect using software that relies on the OS itself
- RootkitRevealer
  - By Bryce Cogswell and Mark Russinovich (Sysinternals)
  - Two scans of the file system
    - High-level scan using the Windows API
    - Raw scan using disk access methods
  - A discrepancy reveals the presence of a rootkit
  - Could be defeated by a rootkit that intercepts and modifies the results of raw scan operations
- http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/rootkits.pdf
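The cross-view idea behind RootkitRevealer, as an added example (not RootkitRevealer's own code): one listing is taken through the high-level API, which a rootkit can hook, and one from a raw scan; anything the raw scan sees that the API does not is a discrepancy. The in-memory "disk" and the name-prefix hiding rule are constructed for this example (the prefix is modelled on published descriptions of the Sony BMG rootkit and is not from the slides), and the last call shows the limitation named above: if the raw scan is hooked too, the discrepancy disappears.

```python
"""Cross-view rootkit detection (added example, not RootkitRevealer code)."""

# Constructed raw disk contents: directory -> set of file names.
RAW_DISK = {
    r"C:\Windows\System32": {"kernel32.dll", "ntdll.dll", "$sys$drv.sys"},
    r"C:\Users\alice": {"notes.txt", "$sys$cfg.dat", "photo.jpg"},
}

# Assumed hiding rule: the rootkit strips every name starting with this
# prefix from API directory listings (constructed for the example).
HIDDEN_PREFIX = "$sys$"


def _filter_hidden(names):
    """Apply the rootkit's hiding rule to one directory listing."""
    return {n for n in names if not n.startswith(HIDDEN_PREFIX)}


def raw_scan(disk):
    """Raw scan: read the on-disk structures directly, bypassing the OS API."""
    return {d: set(names) for d, names in disk.items()}


def api_scan(disk, hooked=True):
    """High-level scan through the OS API. With the rootkit's hook active,
    the API silently drops every name matching the hiding rule."""
    return {d: (_filter_hidden(names) if hooked else set(names))
            for d, names in disk.items()}


def cross_view_diff(api_view, raw_view):
    """Return {directory: sorted hidden names}: entries the raw scan sees but
    the API scan does not. A non-empty result means something is filtering
    the API results, i.e. a likely rootkit."""
    diff = {}
    for d, raw_names in raw_view.items():
        hidden = raw_names - api_view.get(d, set())
        if hidden:
            diff[d] = sorted(hidden)
    return diff


def detect(disk, hooked=True, raw_also_hooked=False):
    """Run both scans and report discrepancies. raw_also_hooked models a
    rootkit that also intercepts raw scan operations: both views then agree
    and the technique is defeated."""
    raw = raw_scan(disk)
    if raw_also_hooked:
        raw = {d: _filter_hidden(names) for d, names in raw.items()}
    return cross_view_diff(api_scan(disk, hooked), raw)


if __name__ == "__main__":
    print("clean system:    ", detect(RAW_DISK, hooked=False))
    print("rootkit present: ", detect(RAW_DISK, hooked=True))
    print("raw scan hooked: ", detect(RAW_DISK, hooked=True, raw_also_hooked=True))
```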
Adware
Figure: adware software payload. The adware engine infects a user’s computer; advertisers contract with an adware agent for content; the adware engine requests advertisements from the adware agent, and the adware agent delivers ad content to the user.
Spyware
Figure: spyware software payload.
1. The spyware engine infects a user’s computer.
2. The spyware process collects keystrokes, passwords, and screen captures.
3. The spyware process periodically sends the collected data to a spyware data collection agent.
Adware and Spyware
- Adware is a type of malware designed to display advertisements in the user’s software.
- It can be designed to be harmless or harmful; the adware gathers information on what the user searches the World Wide Web for.
- With this gathered information it displays ads corresponding to the information collected.
Adware and Spyware cont.
- Spyware is like adware: it spies on the user to see what information it can collect from the user’s computer in order to display pop-up ads on the user’s computer.
- Spyware, unlike adware, likes to use memory from programs running in the background of the computer to keep a close watch on the user.
- This most often clogs up the computer, causing the program or computer to slow down and become non-functional.
Signatures: A Malware Countermeasure
- A scan compares the analyzed object with a database of signatures
- A signature is a virus fingerprint
  - E.g., a string with a sequence of instructions specific to each virus
  - Different from a digital signature
- A file is infected if there is a signature inside its code
- Fast pattern matching techniques are used to search for signatures
- All the signatures together make up the malware database, which is usually proprietary
Best Practices to Safeguard against Malware
- Try to limit software installations to systems that come from trusted sources, including large corporations, which have to deal with public-relations nightmares when their software is exploited by malware.
- Avoid freeware and shareware unless it comes with verifiable guarantees about the absence of spyware and/or adware.
- Avoid peer-to-peer (P2P) music and video sharing systems, which are often hotbeds for adware, spyware, computer worms, and computer viruses.
- Install a network monitor that blocks the installation of known instances of privacy-invasive software or the downloading of web pages from known malware web sites.
Best Practices to Safeguard against Malware cont.
- Install a network firewall, which blocks the transmission of data to unauthorized locations, such as the computers or email addresses of spyware sources.
- Use physical tokens, e.g., smartcards (Section 2.3.3), or biometrics (Section 2.3.5) in addition to passwords for authentication, so that even if a keylogger can capture the username and password, more information is required to compromise a user’s account (“separation of privilege”).
- Keep all software up-to-date. Computer worms usually don’t require direct interaction with humans. Instead, they spread by exploiting vulnerabilities in computers connected to a network. Therefore, the best way to thwart computer worms is to keep all programs updated.
Security software
- Security software is any computer program designed to enhance information security.
- The defense of computers against intrusion and unauthorized use of resources is called computer security.
- Similarly, the defense of computer networks is called network security.
Types of security software
- Access control
- Anti-keyloggers
- Anti-spyware
- Antivirus software
- Cryptographic software
- Firewall
- Intrusion detection system (IDS)
Antivirus Programs
- Antivirus programs are designed to detect malware trying to enter the user’s system.
- There are several ways an antivirus program can track malware entering the computer.
- Software can use:
  - Signature-based detection
  - Heuristics
  - Cloud antivirus
  - Network firewall
Signature-Based Detection
- The most common way an antivirus program finds malware on a computer
- Database of virus signatures
- Constant updates
- Not 100% foolproof
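A minimal signature scanner, as an added example of what the two signature slides describe (not code from the slides or from any antivirus product): a database of byte-string fingerprints is loaded, compiled into one pattern so each file is scanned in a single pass, and matched against files. The database format, signature values and sample files are all constructed for this example and correspond to no real malware; the variant file that differs by one byte illustrates why byte signatures alone are "not 100% foolproof".

```python
"""Signature-based scanning (added example; signatures are constructed)."""

import re

# Constructed signature database: "name=hex bytes", one per line.
# A real product ships a proprietary, frequently updated database.
SIGNATURE_DB_TEXT = """
# name=hex-encoded characteristic byte sequence
DemoVirus.A=DEADBEEF0A0B0C
DemoWorm.B=48656c6c6f2c20576f726d21
DemoTrojan.C=5452 4f4a 414e 2d58
"""


def load_signatures(text):
    """Parse the database text into {name: bytes}, skipping blank lines and
    comments and tolerating whitespace inside the hex field."""
    sigs = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, hexpart = line.partition("=")
        sigs[name.strip()] = bytes.fromhex(hexpart.replace(" ", ""))
    return sigs


def compile_scanner(sigs):
    """Combine all signatures into one alternation regex over bytes. Named
    groups tell us which signature fired, and the regex engine walks the
    buffer once instead of once per signature (the 'fast pattern matching'
    the slide mentions, in its simplest form)."""
    parts = [b"(?P<s%d>%s)" % (i, re.escape(sig))
             for i, sig in enumerate(sigs.values())]
    index = {"s%d" % i: name for i, name in enumerate(sigs)}
    return re.compile(b"|".join(parts)), index


def scan_bytes(data, pattern, index):
    """Return the sorted names of every signature found anywhere in data."""
    return sorted({index[m.lastgroup] for m in pattern.finditer(data)})


def scan_files(files, sigs):
    """files: {path: bytes}. Returns {path: [signature names]} for the
    files in which at least one signature was found."""
    pattern, index = compile_scanner(sigs)
    report = {}
    for path, data in files.items():
        found = scan_bytes(data, pattern, index)
        if found:
            report[path] = found
    return report


# Constructed sample files: a clean document, a file carrying DemoVirus.A
# inside otherwise harmless bytes, a variant of it with one byte changed
# (a pure byte signature misses it), and a text file carrying DemoWorm.B.
SAMPLE_FILES = {
    "report.docx": b"plain document content " * 4,
    "invoice.exe": b"MZ\x90\x00" + b"\x00" * 16 + bytes.fromhex("DEADBEEF0A0B0C") + b"\x00" * 8,
    "invoice_v2.exe": b"MZ\x90\x00" + b"\x00" * 16 + bytes.fromhex("DEADBEEF0A0B0D") + b"\x00" * 8,
    "greeting.txt": b"Hello, Worm!",
}


def demo():
    """Scan the constructed files with the constructed database."""
    return scan_files(SAMPLE_FILES, load_signatures(SIGNATURE_DB_TEXT))


if __name__ == "__main__":
    for path, names in demo().items():
        print(f"{path}: {', '.join(names)}")
```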
Heuristics
- Detection of malware is done by monitoring files and how certain programs try to modify the files on the system.
- When a modification takes place, the antivirus alerts the user and tries to remedy the problem.
Cloud Antivirus
- A new form of antivirus program
- The virus scanning is done from a remote location (not on the computer).
- It is popular because it relieves the load on the physical computer’s resources.
- Constant functionality (nonstop scanning)
- Security issues
Network Firewall
- The operating system’s way of protecting the user from unknown programs.
- Not technically an antivirus program
- Monitors the TCP/IP ports that programs try to access.
Future Threats
- Almost everything is hooked up to the Internet in some form.
- Recent events have widened the eyes of many security experts.
- The ability to gain access to high-security organizations, infrastructures or mainframes has frightened many people.
- Could one click of the mouse start World War III?
How can we protect ourselves
- Use an antivirus program and keep it up to date!
- Yes, they only protect from known malicious code out there, but it’s still something!
Operating System Security
- Keep your operating system up to date!
- Windows is one of the most attacked operating systems on the market.
- The updates are mostly focused on security patches.
Become An Informed User!
- Become aware of what you are doing on the Internet!
- Don’t click on pop-up ads!
- Keep up to date on current issues happening on the web!

More Related Content

What's hot

Trojan Horse Presentation
Trojan Horse PresentationTrojan Horse Presentation
Trojan Horse Presentationikmal91
 
Cyber Security A Challenges For Mankind
Cyber Security A Challenges For MankindCyber Security A Challenges For Mankind
Cyber Security A Challenges For MankindSaurabh Kheni
 
Cyber security system presentation
Cyber security system presentationCyber security system presentation
Cyber security system presentationA.S. Sabuj
 
Network security
Network securityNetwork security
Network securityfatimasaham
 
Malware- Types, Detection and Future
Malware- Types, Detection and FutureMalware- Types, Detection and Future
Malware- Types, Detection and Futurekaranwayne
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
MALWARE AND ITS TYPES
MALWARE AND ITS TYPES MALWARE AND ITS TYPES
MALWARE AND ITS TYPES Sagilasagi1
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Radar Cyber Security
 

What's hot (20)

Cyber security
Cyber securityCyber security
Cyber security
 
Cybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacksCybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacks
 
Trojan Horse Presentation
Trojan Horse PresentationTrojan Horse Presentation
Trojan Horse Presentation
 
Cyber Security A Challenges For Mankind
Cyber Security A Challenges For MankindCyber Security A Challenges For Mankind
Cyber Security A Challenges For Mankind
 
Cyber security system presentation
Cyber security system presentationCyber security system presentation
Cyber security system presentation
 
Network security
Network securityNetwork security
Network security
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Malware- Types, Detection and Future
Malware- Types, Detection and FutureMalware- Types, Detection and Future
Malware- Types, Detection and Future
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Advanced persistent threats(APT)
Advanced persistent threats(APT)Advanced persistent threats(APT)
Advanced persistent threats(APT)
 
Ppt
PptPpt
Ppt
 
Cyber security
Cyber securityCyber security
Cyber security
 
Types of cyber attacks
Types of cyber attacksTypes of cyber attacks
Types of cyber attacks
 
Cyber security
Cyber securityCyber security
Cyber security
 
MALWARE AND ITS TYPES
MALWARE AND ITS TYPES MALWARE AND ITS TYPES
MALWARE AND ITS TYPES
 
Cyber security
Cyber security Cyber security
Cyber security
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
 

Similar to Malware and security

Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxanbersattar
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptOsama Yousaf
 
Presentation_malware_anti_malware.pptx
Presentation_malware_anti_malware.pptxPresentation_malware_anti_malware.pptx
Presentation_malware_anti_malware.pptxitsamuamit11
 
malwareanti-malware-160630191004 (1).pdf
malwareanti-malware-160630191004 (1).pdfmalwareanti-malware-160630191004 (1).pdf
malwareanti-malware-160630191004 (1).pdfitsamuamit11
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-MalwareArpit Mittal
 
Presentation2
Presentation2Presentation2
Presentation2Jeslynn
 
Identifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareIdentifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareTeodoro Cipresso
 
Types of Malware.docx
Types of Malware.docxTypes of Malware.docx
Types of Malware.docxSarahReese14
 
Presentation24190
Presentation24190Presentation24190
Presentation24190KRT395
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & preventionPriSim
 
Malicious Software Identification
Malicious Software IdentificationMalicious Software Identification
Malicious Software Identificationsandeep shergill
 

Similar to Malware and security (20)

Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptx
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides ppt
 
Presentation_malware_anti_malware.pptx
Presentation_malware_anti_malware.pptxPresentation_malware_anti_malware.pptx
Presentation_malware_anti_malware.pptx
 
Iss lecture 9
Iss lecture 9Iss lecture 9
Iss lecture 9
 
Malware
MalwareMalware
Malware
 
Malware
MalwareMalware
Malware
 
Computer virus
Computer virusComputer virus
Computer virus
 
malwareanti-malware-160630191004 (1).pdf
malwareanti-malware-160630191004 (1).pdfmalwareanti-malware-160630191004 (1).pdf
malwareanti-malware-160630191004 (1).pdf
 
viruses.pptx
viruses.pptxviruses.pptx
viruses.pptx
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-Malware
 
Presentation2
Presentation2Presentation2
Presentation2
 
Identifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting MalwareIdentifying, Monitoring, and Reporting Malware
Identifying, Monitoring, and Reporting Malware
 
Types of Malware.docx
Types of Malware.docxTypes of Malware.docx
Types of Malware.docx
 
Dickmaster
DickmasterDickmaster
Dickmaster
 
Virus
VirusVirus
Virus
 
MALWARE
MALWAREMALWARE
MALWARE
 
Presentation24190
Presentation24190Presentation24190
Presentation24190
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
 
Malicious Software Identification
Malicious Software IdentificationMalicious Software Identification
Malicious Software Identification
 
virus
virusvirus
virus
 

More from Gurbakash Phonsa

More from Gurbakash Phonsa (10)

Black box and White box examples
Black box and White box examplesBlack box and White box examples
Black box and White box examples
 
Software quality iso-cmm-psp
Software quality  iso-cmm-pspSoftware quality  iso-cmm-psp
Software quality iso-cmm-psp
 
Gantt PERT and CPM
Gantt PERT and CPMGantt PERT and CPM
Gantt PERT and CPM
 
CORBA
CORBACORBA
CORBA
 
Review of object orientation
Review of object orientationReview of object orientation
Review of object orientation
 
SRE Tools
SRE ToolsSRE Tools
SRE Tools
 
SRE Tools
SRE ToolsSRE Tools
SRE Tools
 
Time series models iv
Time series models ivTime series models iv
Time series models iv
 
Markov structure models iv
Markov structure models ivMarkov structure models iv
Markov structure models iv
 
Software reliability models error seeding model and failure model-iv
Software reliability models error seeding model and failure model-ivSoftware reliability models error seeding model and failure model-iv
Software reliability models error seeding model and failure model-iv
 

Recently uploaded

Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfDrew Moseley
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...Technogeeks
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Mater
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfStefano Stabellini
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Natan Silnitsky
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
Powering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsPowering Real-Time Decisions with Continuous Data Streams
Powering Real-Time Decisions with Continuous Data StreamsSafe Software
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanyChristoph Pohl
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsChristian Birchler
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING  RIVER  WATER QUALITY  ppt presentationPREDICTING  RIVER  WATER QUALITY  ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationvaddepallysandeep122
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf31events.com
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 

Recently uploaded (20)

Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Comparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdfComparing Linux OS Image Update Models - EOSS 2024.pdf
Comparing Linux OS Image Update Models - EOSS 2024.pdf
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...

Malware and security

  • 2. Malware
    - There is a general misconception among people about what malware is.
    - Malware = “malicious software”.
    - Malware is any kind of unwanted software that is installed on your computer without your consent.
    - Viruses, worms, Trojan horses, logic bombs, spyware and adware are subgroups of malware.
    Gurbakash Phonsa
  • 3. Classification of malware
    - Malware can be classified into several categories depending on propagation and concealment.
    - Propagation
      - Virus: human-assisted propagation (e.g., opening an email attachment)
      - Worm: automatic propagation without human assistance
    - Concealment
      - Rootkit: modifies the operating system to hide its existence
      - Trojan: provides desirable functionality but hides malicious operation
    - Payloads range from annoyance to crime:
      - Malware for stealing information: spyware, keyloggers, screen scrapers
      - Malware for profit: dialers, scareware, ransomware
  • 4. Computer Viruses
    - A computer virus is computer code that can replicate itself by modifying other files or programs to insert code that is capable of further replication.
    - This self-replication property is what distinguishes computer viruses from other kinds of malware, such as logic bombs.
    - Another distinguishing property of a virus is that replication requires some type of user assistance, such as clicking on an email attachment or sharing a USB drive.
  • 5. Viruses
    - A virus infects a carrier (a file or program) and relies on that carrier to spread the virus around.
    - A computer virus is a program that can replicate itself and spread from one computer to another.
  • 6. Biological Analogy
    - Computer viruses share some properties with biological viruses.
    (diagram: the stages of a biological infection: attack, penetration, replication and assembly, release)
  • 7. Virus Phases
    - Dormant phase. The virus just exists, lying low and avoiding detection.
    - Propagation phase. The virus replicates itself, infecting new files on new systems.
    - Triggering phase. Some logical condition causes the virus to move from the dormant or propagation phase to performing its intended action.
    - Action phase. The virus performs the malicious action it was designed for, called the payload.
    - The payload can be something seemingly innocent, like displaying a silly picture on the screen, or something quite malicious, such as deleting all essential files on the hard drive.
  • 8. Defenses Against Viruses
    - Virus signature: experts study infected files looking for code fragments that are unique to the particular virus. Once they have located such a set of characteristic instructions, they construct a character string that uniquely identifies the virus.
    - This character string is known as the signature of the virus; it amounts to a kind of digital fingerprint.
    - Virus detection software must be updated frequently so that it always works from the most up-to-date database of virus signatures.
  • 9. Computer Worms
    - A computer worm is a malware program that spreads copies of itself without the need to inject itself into other programs, and usually without human interaction.
    - Thus, computer worms are technically not computer viruses (since they don’t infect other programs), but some people nevertheless confuse the terms, since both spread by self-replication.
    - In most cases, a computer worm carries a malicious payload, such as deleting files or installing a backdoor.
  • 10. Worm Propagation
    - Worms propagate by finding and infecting vulnerable hosts.
    - They need a way to tell whether a host is vulnerable.
    - They need a way to tell whether a host is already infected.
    (diagram: an initial infection spreading to further vulnerable hosts)
  • 11. Worms
    - The terms worm and virus are commonly interchanged in the media.
    - In reality a worm is the more dangerous of the two: because it propagates on its own, it can spread much faster than a virus, which has to wait for a user to act.
    - User propagation (virus) vs. self propagation (worm).
    - A worm is designed to replicate itself and disperse throughout the user’s network.
    - Email worms and Internet worms are the two most common types of worm.
  • 12. Email Worm
    - An email worm reads the infected user’s contact/address book and targets every address in it.
    - It mails a copy of itself to each address as an attachment; when a recipient opens the attachment, the process starts over again.
    - Video Example: ILOVEYOU worm
  • 13. Internet Worms
    - An Internet worm is designed to be inconspicuous to the user.
    - The worm scans target computers for open network ports through which it can copy itself onto the machine.
    - Once inside the computer, the worm scans the Internet to infect more computers.
  • 14. Insider Attacks
    - An insider attack is a security breach that is caused or facilitated by someone who is part of the very organization that controls or builds the asset that should be protected.
    - In the case of malware, an insider attack refers to a security hole that is created in a software system by one of its programmers.
  • 15. Logic Bombs
    - A logic bomb is a program that performs a malicious action as a result of a certain logic condition.
    - The classic example of a logic bomb is a programmer coding the software for a payroll system who puts in code that makes the program crash should it ever process two consecutive payrolls without paying him.
    - Another classic example combines a logic bomb with a backdoor, where a programmer puts in a logic bomb that will crash the program on a certain date.
  • 16. Scareware
    - Software with malicious payloads, or of limited or no benefit, sold by social engineering to cause shock, anxiety, or the perception of a threat.
    - Rapidly increasing:
      - Anti-Phishing Working Group: the number of scareware packages rose from 2,850 to 9,287 in the 2nd half of 2008.
      - In the 1st half of 2009, the APWG identified a 583% increase in scareware programs.
      - A 2010 study by Google found 11,000 domains hosting fake anti-virus software, accounting for 50% of malware delivered via Internet advertising.
  • 17. Trojan Horses
    - A Trojan horse (or Trojan) is a malware program that appears to perform some useful task, but which also does something with negative consequences (e.g., launches a keylogger).
    - Trojan horses can be installed as part of the payload of other malware, but are often installed by a user or administrator, either deliberately or accidentally.
  • 18. Trojans
    - A Trojan horse is a program designed to look like a useful or legitimate file.
    - Once the program is installed and opened, it steals information or deletes data.
    - Unlike viruses and worms, a Trojan does not replicate itself; it usually runs once, does its job, and is then done functioning.
  • 19. Trojans cont.
    - Some create a back door into the system.
    - Another way Trojans are distributed is by infecting a server that hosts websites.
    - Downfall of Trojans: they are very reliant on the user.
    - Video Example: Zlob Trojan
  • 20. Current Trends
    - Trojans currently have the largest infection potential.
    - They often exploit browser vulnerabilities.
    - They are typically used to download other malware in multi-stage attacks.
    Source: Symantec Internet Security Threat Report, April 2009
  • 21. Rootkit
    - A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications.
    - The emphasis is on hiding information from the administrators’ view, so that the malware is not detected: e.g., hiding processes, files, open network connections, etc.
    - Example: the Sony BMG copy protection rootkit scandal. In 2005, Sony BMG shipped music CDs with Extended Copy Protection (XCP), which installed itself automatically on Windows when a CD was played and used rootkit techniques to hide its files.
  • 22. Rootkits
    - A rootkit modifies the operating system to hide its existence, e.g., it modifies the file system exploration utilities.
    - It is hard to detect using software that relies on the OS itself.
    - RootkitRevealer, by Bryce Cogswell and Mark Russinovich (Sysinternals), performs two scans of the file system:
      - a high-level scan using the Windows API
      - a raw scan using direct disk access methods
    - A discrepancy between the two reveals the presence of a rootkit.
    - This could be defeated by a rootkit that intercepts and modifies the results of the raw scan operations as well.
    - http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/rootkits.pdf
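The cross-view idea on slide 22 (take a high-level listing and a low-level one, and treat any discrepancy as the footprint of a rootkit) carried over to processes on Linux, as an added example that is not part of the slides or of the Sysinternals tool. It assumes a Linux host with /proc; the collectors list_procfs_pids and probe_pids, the pid cap in read_pid_max, the thread filter and the hidden_entries comparison are this example's own names. The comparison logic is pure and runs anywhere; only the live scan needs Linux.

```python
"""Cross-view detection of hidden processes, in the spirit of RootkitRevealer.

Added example, not from the slides or from Sysinternals. The high-level view
is the /proc directory listing that ps and top enumerate; the low-level view
probes every PID directly with kill(pid, 0). A user-mode rootkit that filters
readdir() results hides PIDs from the first view but not from the second, so
the difference between the views exposes it.
"""
import os
import sys
from typing import Dict, List, Set


def hidden_entries(api_view: Set[int], raw_view: Set[int]) -> Set[int]:
    """PIDs the raw probe sees but the API view does not: the discrepancy a rootkit leaves."""
    return raw_view - api_view


def compare_views(api_view: Set[int], raw_view: Set[int]) -> Dict[str, object]:
    hidden = hidden_entries(api_view, raw_view)
    return {
        "api_count": len(api_view),
        "raw_count": len(raw_view),
        "hidden": sorted(hidden),
        "suspicious": bool(hidden),
    }


def list_procfs_pids() -> Set[int]:
    """High-level view: the numeric entries of /proc."""
    return {int(name) for name in os.listdir("/proc") if name.isdigit()}


def probe_pids(max_pid: int) -> Set[int]:
    """Low-level view: signal 0 sends nothing but makes the kernel say whether the PID exists."""
    alive: Set[int] = set()
    for pid in range(1, max_pid + 1):
        try:
            os.kill(pid, 0)
        except ProcessLookupError:
            continue            # no such process
        except PermissionError:
            pass                # exists, but belongs to another user
        alive.add(pid)
    return alive


def read_pid_max(default: int = 32768) -> int:
    """Upper bound for the probe; the 2^22 cap is an assumption that keeps the scan bounded."""
    try:
        with open("/proc/sys/kernel/pid_max") as fh:
            return min(int(fh.read()), 1 << 22)
    except (OSError, ValueError):
        return default


def is_thread_of_visible_process(pid: int, api_view: Set[int]) -> bool:
    """kill(tid, 0) also succeeds for thread IDs, which /proc does not list at top level.
    A PID whose thread group leader (Tgid) is visible is a thread, not a hidden process."""
    try:
        with open(f"/proc/{pid}/status") as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) in api_view
    except OSError:
        pass
    return False


def live_scan(passes: int = 2) -> List[int]:
    """Snapshot /proc before and after each probe and keep only PIDs hidden in every pass,
    so processes that start or exit while the probe runs are not reported as hidden."""
    survivors: Set[int] = set()
    max_pid = read_pid_max()
    for i in range(passes):
        before = list_procfs_pids()
        raw = probe_pids(max_pid)
        visible = before | list_procfs_pids()
        hidden = {p for p in hidden_entries(visible, raw)
                  if not is_thread_of_visible_process(p, visible)}
        survivors = hidden if i == 0 else survivors & hidden
    return sorted(survivors)


if __name__ == "__main__":
    if not sys.platform.startswith("linux"):
        sys.exit("the live scan needs Linux /proc; compare_views() itself is portable")
    print("hidden PIDs:", live_scan() or "none")
```

The caveat from the slide applies unchanged: a kernel-mode rootkit that hooks the system calls behind both views (directory reads and kill) defeats this, just as one that tampers with the raw disk scan defeats RootkitRevealer. The defender's answer is to move the low-level view further down than the attacker sits, for example an offline disk image, a live-boot medium, or a hypervisor-level view.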
  • 23. Adware
    (diagram: the adware software payload)
    1. The adware engine infects a user’s computer.
    2. Advertisers contract with an adware agent for content.
    3. The adware engine requests advertisements from the adware agent.
    4. The adware agent delivers ad content to the user.
  • 24. Spyware
    (diagram: the spyware software payload)
    1. The spyware engine infects a user’s computer.
    2. The spyware process collects keystrokes, passwords, and screen captures.
    3. The spyware process periodically sends the collected data to a spyware data collection agent.
  • 25. Adware and Spyware
    - Adware is a type of malware designed to display advertisements in the user’s software.
    - It can be designed to be harmless or harmful; the adware gathers information on what the user searches the World Wide Web for.
    - With this gathered information it displays ads corresponding to the information collected.
  • 26. Adware and Spyware cont.
    - Spyware is like adware: it spies on the user to see what information it can collect from the user’s computer, and may display pop-up ads on the user’s computer.
    - Unlike adware, spyware runs in the background, consuming memory and processing time, to keep close watch on the user.
    - This often bogs down the computer, causing programs or the whole system to slow down or become unusable.
  • 27. Signatures: A Malware Countermeasure
    - A scan compares the analyzed object with a database of signatures.
    - A signature is a virus fingerprint, e.g., a string with a sequence of instructions specific to each virus.
    - This is different from a digital signature.
    - A file is considered infected if a signature is found inside its code.
    - Fast pattern matching techniques are used to search for signatures.
    - All the signatures together form the malware database, which is usually proprietary.
  • 28. Best Practices to safeguard against Malware
    - Limit software installations to packages from trusted sources, such as large corporations, which face a public-relations nightmare when their software is used to spread malware.
    - Avoid freeware and shareware unless it comes with verifiable guarantees about the absence of spyware and/or adware.
    - Avoid peer-to-peer (P2P) music and video sharing systems, which are often hotbeds for adware, spyware, computer worms, and computer viruses.
    - Install a network monitor that blocks the installation of known instances of privacy-invasive software or the downloading of web pages from known malware web sites.
  • 29. Best Practices to safeguard against Malware
    - Install a network firewall, which blocks the transmission of data to unauthorized locations, such as the computers or email addresses of spyware sources.
    - Use physical tokens, e.g., smartcards (Section 2.3.3), or biometrics (Section 2.3.5) in addition to passwords for authentication, so that even if a keylogger captures the username and password, more information is required to compromise a user’s account (the principle of separation of privilege).
    - Keep all software up to date. Computer worms usually don’t require direct interaction with humans; instead, they spread by exploiting vulnerabilities in computers connected to a network. Therefore the best way to thwart computer worms is to keep all programs updated.
  • 30. Security software
    - Security software is any computer program designed to enhance information security.
    - The defense of computers against intrusion and unauthorized use of resources is called computer security.
    - Similarly, the defense of computer networks is called network security.
  • 31. Types of security software
    - Access control
    - Anti-keyloggers
    - Anti-spyware
    - Antivirus software
    - Cryptographic software
    - Firewall
    - Intrusion detection system (IDS)
  • 32. Antivirus Programs
    - Antivirus programs are designed to detect malware trying to enter the user’s system.
    - There are several ways an antivirus program can detect malware entering the computer. Software can use:
      - Signature-based detection
      - Heuristics
      - Cloud antivirus
      - Network firewall
  • 33. Signature-Based Detection
    - The most common way an antivirus finds malware on a computer.
    - Relies on a database of virus signatures.
    - Needs constant updates.
    - Not 100% foolproof: it only catches malware whose signature is already in the database.
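Slides 8, 27 and 33 all describe the same mechanism: a database of byte patterns matched against files. As an added example, not code from the slides, here is a small scanner of that kind in Python. The signature database and the sample "files" are constructed for the example: the EICAR string is the real, harmless industry test string that every antivirus product detects, while "Hypothetical.Dropper" and its marker bytes are invented. The last sample shows concretely why slide 33 says signatures are not foolproof: a copy of the same logic whose marker bytes are stored re-encoded no longer contains the signature bytes and is missed.

```python
"""Signature-based scanning, as the slides on virus signatures describe it.

Added example; not code from the slides. The signature database and all
sample files are constructed in memory. The only real signature is the
EICAR test string, a harmless string every antivirus vendor detects.
"""
import re
from typing import Dict, List, Pattern

# Industry-standard, harmless antivirus test string (real).
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

# Constructed signature database: name -> hex byte pattern.  "??" is a
# single-byte wildcard, the convention ClamAV-style hex signatures also use.
SIGNATURES: Dict[str, str] = {
    "EICAR-Test-File": EICAR.hex(),
    # Hypothetical family: "EVIL", two arbitrary bytes, then "PAYLOAD".
    "Hypothetical.Dropper": b"EVIL".hex() + "????" + b"PAYLOAD".hex(),
}


def compile_signature(hex_pattern: str) -> Pattern[bytes]:
    """Turn a hex pattern with ?? wildcards into a regex over raw bytes."""
    if len(hex_pattern) % 2:
        raise ValueError("hex pattern needs an even number of digits")
    parts = []
    for i in range(0, len(hex_pattern), 2):
        token = hex_pattern[i:i + 2]
        if token == "??":
            parts.append(b".")          # any single byte (DOTALL below)
        else:
            parts.append(re.escape(bytes([int(token, 16)])))
    return re.compile(b"".join(parts), re.DOTALL)


# Compile once; real scanners do the same and use multi-pattern matchers.
COMPILED: Dict[str, Pattern[bytes]] = {
    name: compile_signature(pattern) for name, pattern in SIGNATURES.items()
}


def scan(data: bytes) -> List[str]:
    """Return the names of every signature found anywhere in the data."""
    return [name for name, pattern in COMPILED.items() if pattern.search(data)]


def scan_file(path: str) -> List[str]:
    with open(path, "rb") as fh:
        return scan(fh.read())


def build_samples() -> Dict[str, bytes]:
    """Constructed test 'files'; none of them is real malware."""
    clean = b"MZ" + b"\x00" * 60 + b"This program cannot be run in DOS mode."
    dropper = b"MZ" + b"\x00" * 60 + b"EVIL\x01\x02PAYLOAD" + b"\x90" * 16
    # Same logic, but the marker bytes are stored XOR 0x20 and would only be
    # decoded at run time: the pattern never appears on disk, so the signature
    # misses.  This is the gap that heuristics and behavioural monitoring fill.
    obfuscated = b"MZ" + b"\x00" * 60 + bytes(b ^ 0x20 for b in b"EVIL\x01\x02PAYLOAD")
    return {
        "clean": clean,
        "eicar": EICAR,
        "dropper": dropper,
        "dropper_obfuscated": obfuscated,
    }


if __name__ == "__main__":
    for name, data in build_samples().items():
        print(f"{name:20s} -> {scan(data) or 'clean'}")
```

Running the block prints a verdict per sample; "dropper_obfuscated" comes out clean even though it carries the same logic as "dropper", which is the whole case for the "constant updates" and "not 100% foolproof" bullets on slide 33.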
  • 34. Heuristics
    - Malware is detected by monitoring files and how programs try to modify the files on the system, rather than by matching known signatures.
    - When a suspicious modification takes place, the antivirus alerts the user and tries to remediate the problem.
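The heuristics slide does not say what a scanner actually measures. One static heuristic every scanner applies is how random a file's bytes look, because packed or encrypted payloads, the usual way of defeating signature matching, have near-maximal Shannon entropy (close to 8 bits per byte) while ordinary code and text sit well below that. The following is an added example, not code from the slides; the 7.2 threshold, the chunk size and the sample inputs are this example's own assumptions and constructed data.

```python
"""A static heuristic: flag files whose content looks packed or encrypted.

Added example, not from the slides. Packed or encrypted regions have Shannon
entropy close to 8 bits per byte; code and text sit well below that. The
threshold, chunk size and sample inputs here are assumptions for the example.
"""
import math
import random
from collections import Counter
from typing import Dict, List

PACKED_THRESHOLD = 7.2   # bits per byte; assumed cut-off, tune on a real corpus
CHUNK_SIZE = 4096        # per-chunk analysis finds an encrypted body behind a plain stub


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for empty or uniform data, at most 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def chunk_entropies(data: bytes, chunk_size: int = CHUNK_SIZE) -> List[float]:
    return [shannon_entropy(data[i:i + chunk_size])
            for i in range(0, len(data), chunk_size)]


def assess(data: bytes, threshold: float = PACKED_THRESHOLD) -> Dict[str, object]:
    """Per-chunk entropy; 'packed' is True when more than half the chunks exceed the threshold."""
    chunks = chunk_entropies(data)
    high = sum(1 for e in chunks if e >= threshold)
    return {
        "overall": round(shannon_entropy(data), 3),
        "high_entropy_chunks": high,
        "total_chunks": len(chunks),
        "packed": bool(chunks) and high / len(chunks) > 0.5,
    }


def build_samples() -> Dict[str, bytes]:
    """Constructed inputs: prose, zero padding, and a seeded pseudo-random blob
    standing in for an encrypted payload (seeded so the results are reproducible)."""
    rng = random.Random(2011)
    prose = (b"A computer virus is code that replicates itself by modifying other "
             b"files or programs to insert code capable of further replication. ") * 200
    random_blob = bytes(rng.getrandbits(8) for _ in range(64 * 1024))
    # A small plain stub followed by a large encrypted-looking body, as a packer produces.
    stub_plus_payload = b"MZ" + b"\x00" * 4094 + random_blob
    return {
        "prose": prose,
        "zeros": b"\x00" * 8192,
        "random_blob": random_blob,
        "stub_plus_payload": stub_plus_payload,
    }


if __name__ == "__main__":
    for name, data in build_samples().items():
        print(f"{name:18s} {assess(data)}")
```

The usual caveat: compressed archives, images and video are also high-entropy, so this heuristic alone produces false positives and is combined with other evidence (file type, a tiny stub followed by a large opaque body, writable-and-executable sections) before anything is flagged to the user.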
  • 35. Cloud Antivirus
    - A newer form of antivirus program.
    - Most of the scanning work is done on remote servers rather than on the local computer.
    - It is popular because it offloads work from the local machine’s resources.
    - Constant functionality (nonstop scanning).
    - It has its own security issues.
  • 36. Network Firewall
    - The operating system’s way of protecting the user from unknown programs.
    - Not technically an antivirus program.
    - Monitors the TCP/IP ports that programs try to access.
  • 37. Future Threats
    - Almost everything is hooked up to the Internet in some form.
    - Recent events have opened the eyes of many security experts.
    - The ability to gain access to high-security organizations, infrastructures or mainframes has frightened many people.
    - Could one click of the mouse start World War III?
  • 38. How can we protect ourselves
    - Use an antivirus program and keep it up to date!
    - Yes, it only protects against malicious code that is already known, but it’s still something!
  • 39. Operating System’s Security
    - Keep your operating system up to date!
    - Windows is one of the most targeted operating systems on the market.
    - The updates are mostly focused on security patches.
  • 40. Become An Informed User!
    - Be aware of what you are doing on the Internet!
    - Don’t click on pop-up ads!
    - Keep up to date on current issues happening on the web!
  • 41. References
    - Wang, Wallace. (2006). Steal This Computer Book 4.0: What They Won’t Tell You About the Internet. San Francisco, CA: No Starch Press.
    - Panda Cloud Antivirus. (n.d.). Retrieved October 29, 2011, from Wikipedia: http://www.en.wikipedia.org/wiki/Panda_Cloud_Antivirus
    - Fowler, Daniel. (2008). Importance of Cybersecurity Increases as Attacks Get More Dangerous. In Richard Joseph Stein (Ed.), Internet Safety (pp. 5-7). New York, NY: H.W. Wilson Company.
    - Viega, John. (2009). The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know. Sebastopol, CA: O’Reilly Media, Inc.
    - http://www.alanbonnici.com