computer security dd2395
play

Computer Security DD2395 - PowerPoint PPT Presentation

Jul 11, 2023 •314 likes •427 views

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010 Sonja Buchegger buc@kth.se Lecture 7, Feb. 8, 2010 Malicious Software Malicious Software programs exploiting system vulnerabilities known

  1. Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010 Sonja Buchegger buc@kth.se Lecture 7, Feb. 8, 2010 Malicious Software

  2. Malicious Software  programs exploiting system vulnerabilities  known as malicious software or malware  program fragments that need a host program  e.g. viruses, logic bombs, and backdoors  independent self-contained programs  e.g. worms, bots  replicating or not  sophisticated threat to computer systems Feb. 8, 2010 KTH DD2395 Sonja Buchegger 2

  3. Malware Terminology  Virus  Worm  Logic bomb  Trojan horse  Backdoor (trapdoor)  Mobile code  Auto-rooter Kit (virus generator)  Spammer and Flooder programs  Keyloggers  Rootkit  Zombie, bot Feb. 8, 2010 KTH DD2395 Sonja Buchegger 3

  4. Viruses  piece of software that infects programs  modifying them to include a copy of the virus  so it executes secretly when host program is run  specific to operating system and hardware  taking advantage of their details and weaknesses  a typical virus goes through phases of:  dormant  propagation  triggering  execution Feb. 8, 2010 KTH DD2395 Sonja Buchegger 4

  5. Virus Structure  components:  infection mechanism - enables replication  trigger - event that makes payload activate  payload - what it does, malicious or benign  prepended / appended / embedded  when infected program invoked, executes virus code then original program code  can block initial infection (difficult)  or propagation (with access controls) Feb. 8, 2010 KTH DD2395 Sonja Buchegger 5

  6. Virus Structure Feb. 8, 2010 KTH DD2395 Sonja Buchegger 6

  7. Compression Virus Feb. 8, 2010 KTH DD2395 Sonja Buchegger 7

  8. Virus Classification  boot sector  file infector  macro virus  encrypted virus  stealth virus  polymorphic virus  metamorphic virus Feb. 8, 2010 KTH DD2395 Sonja Buchegger 8

  9. Macro Virus  became very common in mid-1990s since  platform independent  infects documents  is easily spread  exploit macro capability of office apps  executable program embedded in office doc  often a form of Basic  more recent releases include protection  recognized by many anti-virus programs Feb. 8, 2010 KTH DD2395 Sonja Buchegger 9

  10. E-Mail Viruses  more recent development  e.g. Melissa  exploits MS Word macro in attached doc  if attachment opened, macro activates  sends email to all on users address list  and does local damage  then saw versions triggered reading email  hence much faster propagation Feb. 8, 2010 KTH DD2395 Sonja Buchegger 10

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010 Sonja Buchegger buc@kth.se Lecture 11, Nov. 29, 2010 Multi-Level Security Trusted Computing and Multilevel Security present some interrelated

1k views • 41 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak12/ Fall 2012

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak12/ Fall 2012

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak12/ Fall 2012 Sonja Buchegger buc@kth.se Lecture 9 Firewalls (maybe start on Multilevel Security) DD2395 Sonja Buchegger 1 Catch-up Labs l Labbvecka in June

540 views • 35 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010 Sonja Buchegger buc@kth.se Lecture 13, Dec. 6, 2010 Auditing Security Audit an independent review and examination of a system's records

353 views • 33 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 3 User Authentication KTH DD2395 Sonja Buchegger 1 More Follow-up Courses l EP2500: Networked Systems

821 views • 26 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 8 Denial of Service DD2395 Sonja Buchegger 1 Course Admin l WANTED: Student representatives for the

1.29k views • 37 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 7 Malicious Software DD2395 Sonja Buchegger 1 Course Admin l Lab 2: - prepare before lab session - signup!

844 views • 39 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010 Sonja Buchegger buc@kth.se Lecture 8, Feb. 10, 2010 Malicious Software, Denial of Service Announcements ! Lab reports ! Bonus points !

1.08k views • 42 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 10, Nov. 24, 2011 Social Engineering DD2395, Sonja Buchegger 1 Course Admin GPG Lab 1 bonus results in

1.22k views • 39 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Spring 2010 Sonja Buchegger buc@kth.se Lecture 2, Jan. 20, 2010 Cryptography Scope of Computer Security Jan. 20, 2010 KTH DD2395 Sonja Buchegger 2

469 views • 45 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010 Sonja Buchegger buc@kth.se Lecture 2, Oct. 27, 2010 Cryptography Oct. 27, 2010 KTH DD2395 Sonja Buchegger 1 Questionnaire Results Prior

602 views • 42 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 4 Access Control 1 Access Control l The prevention of unauthorized use* of a resource, including the

429 views • 39 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Fall 2010 Sonja Buchegger buc@kth.se Lecture 1, Oct. 25, 2010 Introduction Oct. 25, 2010 Computer Security, Sonja Buchegger 1 Outline for Today About

670 views • 43 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 1, Oct. 25, 2011 Introduction Oct. 25, 2011 Computer Security, Sonja Buchegger 1 Outline for Today ! About

565 views • 45 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Spring 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Spring 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasakh10/ Spring 2010 Sonja Buchegger buc@kth.se Lecture 7, Nov. 15, 2010 Malicious Software, Denial of Service Nov. 15, 2010 DD2395 Sonja Buchegger 1 Malicious

589 views • 48 slides
Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Fall 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Fall 2010

Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/DD2395/dasak10/ Fall 2010 Sonja Buchegger buc@kth.se Lecture 3 User Authentication KTH DD2395 Sonja Buchegger 1 User Authentication KTH DD2395 Sonja Buchegger 2 User

485 views • 27 slides
Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer

Introduction to Computer Security Rev. Sept 2015 What is Computer Security? 2 Computer Security is the protection of computing systems and the data that they store or access 3 Why is Computer Security Important? Computer Security allows

690 views • 19 slides
Cloud Security VS Cybercrime Economy: The Kaspersky Vision Eugene Kaspersky Co-founder &

Cloud Security VS Cybercrime Economy: The Kaspersky Vision Eugene Kaspersky Co-founder &

Cloud Security VS Cybercrime Economy: The Kaspersky Vision Eugene Kaspersky Co-founder & CEO, Kaspersky Lab The Digital World is Under Attack 20,000,000 Cybercrime is an integral part of the 18,000,000 Digital World 16,000,000

409 views • 16 slides
ROA Contents & Format Proposal Brian Weis Overview An informal study was conducted

ROA Contents & Format Proposal Brian Weis Overview An informal study was conducted

ROA Contents & Format Proposal Brian Weis Overview An informal study was conducted considering ROA Contents Based on Steve Kents earlier presentations ROA Format Design Considerations Three possible formats

145 views • 14 slides
AMPL A Modeling Language for Mathematical Programming Claudia DAmbrosio CNRS researcher

AMPL A Modeling Language for Mathematical Programming Claudia DAmbrosio CNRS researcher

AMPL A Modeling Language for Mathematical Programming Claudia DAmbrosio CNRS researcher LIX, Ecole Polytechnique, France STOR-i masterclass 22 February 2019 Introduction Algebraic modeling language for linear and nonlinear

520 views • 18 slides
The Journey of Visual Studio Code Erich Gamma Envision new paradigms for online developer tooling

The Journey of Visual Studio Code Erich Gamma Envision new paradigms for online developer tooling

The Journey of Visual Studio Code Erich Gamma Envision new paradigms for online developer tooling that will be as successful as the IDE has been for the desktop 2012 2011 Eat your own dogfood h"p 2011 2012 2012 2013 Meanwhile Microso;

616 views • 47 slides
Motivation for IDS Developing absolutely secure systems is Intrusion Detection (IDS) not

Motivation for IDS Developing absolutely secure systems is Intrusion Detection (IDS) not

Motivation for IDS Developing absolutely secure systems is Intrusion Detection (IDS) not possible Most existing systems have security flaws Abuses by privileged insiders are possible Simone Fischer-Hbner Not all kinds of

414 views • 4 slides
Signature Synthesizer Jonas Zaddach Mariano Graziano @jzaddach @emd3l INTRODUCTION Mariano

Signature Synthesizer Jonas Zaddach Mariano Graziano @jzaddach @emd3l INTRODUCTION Mariano

BASS Automated Signature Synthesizer Jonas Zaddach Mariano Graziano @jzaddach @emd3l INTRODUCTION Mariano Graziano Jonas Zaddach Security Researchers in > > LETS TALK ABOUT THE THREAT LANDSCAPE THREAT LANDSCAPE 1.5 MILLION

689 views • 30 slides
STORAGE@TGCC & LUSTRE FILESYSTEMS WORKING & BEST PRACTICES Philippe DENIEL | |

STORAGE@TGCC & LUSTRE FILESYSTEMS WORKING & BEST PRACTICES Philippe DENIEL | |

STORAGE@TGCC & LUSTRE FILESYSTEMS WORKING & BEST PRACTICES Philippe DENIEL | | CEA/DAM/DIF PATC PARALLEL I/O APRIL 25TH, 2018 23 AVRIL 2018 CEA | 10 AVRIL 2012 | PAGE 1 AGENDA TGCC storage architecture TGCC storage workspaces

484 views • 26 slides
Envisioning a Parallel File System without Dedicated Metadata Servers Qing Zheng Kai Ren, Garth

Envisioning a Parallel File System without Dedicated Metadata Servers Qing Zheng Kai Ren, Garth

Whats Beyond IndexFS & BatchFS Envisioning a Parallel File System without Dedicated Metadata Servers Qing Zheng Kai Ren, Garth Gibson, Bradley W. Settlemyer, Gary Grider Carnegie Mellon University Los Alamos National Laboratory Scaling

561 views • 32 slides

More recommend