why protection against viruses bots and worms is so hard
play

Why Protection against Viruses, Bots, and Worms is so hard Malware - PowerPoint PPT Presentation

Mar 17, 2023 •162 likes •739 views

Foundations Security in MAS Conclusion Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till Drges td@pre-secure.de PRESECURE Consulting GmbH June 20, 2007 Till Drges Protection Malware seen

  1. Foundations Security in MAS Conclusion Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till Dörges td@pre-secure.de PRESECURE Consulting GmbH June 20, 2007 Till Dörges Protection – Malware seen as Mobile Agents 1/39

  2. Foundations Security in MAS Conclusion Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 2/39

  3. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 3/39

  4. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 4/39

  5. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Agents What is an Agent? Till Dörges Protection – Malware seen as Mobile Agents 5/39

  6. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Agents What is an Agent? • Modeling Paradigm • Software Engineering (unlike e.g. objects, . . . ) • Artificial Intelligence Till Dörges Protection – Malware seen as Mobile Agents 5/39

  7. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Agents What is an Agent? • Modeling Paradigm • Software Engineering (unlike e.g. objects, . . . ) • Artificial Intelligence Important Properties • Encapsulation and Modularization • Reactivity • Proactivity • Autonomy • Mobility (not generally required) Till Dörges Protection – Malware seen as Mobile Agents 5/39

  8. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Agents (cont’d) Definition • Subject to quite a bit of debate • Social Behavior • Ability to Adapt • Goal Orientation • . . . • Key properties are safe to assume Particularly Suited for • Distributed and Concurrent Systems • Systems across Multiple Administrative Domains Till Dörges Protection – Malware seen as Mobile Agents 6/39

  9. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Agents (cont’d) Colloquially Speaking • Program/Code and Data • Travel between Platforms • Run on different Platforms Examples • “Shopping Agent” • “Find (buy) a blue Bicycle for not more than EUR 500.” • Inquires at several platforms • Finds best solution • Possibly purchases a bike on behalf of owner/user Till Dörges Protection – Malware seen as Mobile Agents 7/39

  10. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Distinction from Mobile Code Examples for Mobile Code • JAVA applets • ActiveX controls • . . . Mobile Code lacks • Autonomy • Proactivity • Goal Orientation Till Dörges Protection – Malware seen as Mobile Agents 8/39

  11. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Platforms What is a Platform? • Runtime Environment for Agents • Responsible Protection of Agents • Services for Interaction (communication, directory services, . . . ) • Transportation of Agents between Platforms Colloquially Speaking • Application on a Computer Till Dörges Protection – Malware seen as Mobile Agents 9/39

  12. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Multi Agent Systems – MAS What is a MAS? • Technically • n with n > 0 Platforms • m with m > 0 Agents • Infrastructure/Policies • Service Point of View • Shopping Platform • Database Querying • Research • . . . • Multi Agent Application • . . . Till Dörges Protection – Malware seen as Mobile Agents 10/39

  13. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Multi Agent Application? Agent Orientation as Modeling Paradigm • Comparable to Object Orientation • AO development environments readily available • AO application doesn’t have to show agents on the outside Till Dörges Protection – Malware seen as Mobile Agents 11/39

  14. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 12/39

  15. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Malware Definition (Wikipedia) Malware is software designed to infiltrate or damage a computer system without the owner’s informed consent. . . . [The term designates] a variety of forms of hostile, intrusive, or annoying software or program code. Taxonomy • Species • Virus • Bot • Worm • . . . • Distinction blurry Till Dörges Protection – Malware seen as Mobile Agents 13/39

  16. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Malware (cont’d) Properties • Provision of “Services” • Spying • Attacking • Back Doors • . . . • Reactivity • Proactivity • Autonomy • Mobility • Self Replication • Adaption Till Dörges Protection – Malware seen as Mobile Agents 14/39

  17. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Malware (cont’d) Properties • Provision of “Services” • Spying • Attacking • Back Doors • . . . • Reactivity • Proactivity • Autonomy • Mobility • Self Replication • Adaption Till Dörges Protection – Malware seen as Mobile Agents 14/39

  18. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Comparison Malware? • Comparison Malware ⇔ Agents holds Platforms? • Infected Computers provide for Runtime Environment • Other services implemented by Malware directly • Comparison for Infected Computers ⇔ Platforms holds MAS? • Less interesting (1 malware is enough to control 1 computer) • Holds, too. Till Dörges Protection – Malware seen as Mobile Agents 15/39

  19. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Comparison Malware? • Comparison Malware ⇔ Agents holds Platforms? • Infected Computers provide for Runtime Environment • Other services implemented by Malware directly • Comparison for Infected Computers ⇔ Platforms holds MAS? • Less interesting (1 malware is enough to control 1 computer) • Holds, too. Till Dörges Protection – Malware seen as Mobile Agents 15/39

  20. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 16/39

  21. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 17/39

  22. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Security Conventional Aspects / Definition • Confidentiality • Integrity • Availability Till Dörges Protection – Malware seen as Mobile Agents 18/39

  23. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Security Conventional Aspects / Definition • Confidentiality • Integrity • Availability Till Dörges Protection – Malware seen as Mobile Agents 18/39

  24. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Security Conventional Aspects / Definition • Confidentiality • Integrity • Availability Shortcomings • Every System is Special • Definition has to be adapted • What about (for example) • Identity • Trust • . . . Till Dörges Protection – Malware seen as Mobile Agents 18/39

  25. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Desirable Security Properties in MAS Security for Agents? • Communication • Integrity • Confidentiality • Availability • Non-Repudiation • . . . • Mobility • Agent Execution Different Points of View • Protection of Platforms • Protection of Agents Till Dörges Protection – Malware seen as Mobile Agents 19/39

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Malware: Viruses, Worms, Rootkits, Botnets Spring 2015

Malware: Viruses, Worms, Rootkits, Botnets Spring 2015

CSE 484 / CSE M 584: Computer Security and Privacy Malware: Viruses, Worms, Rootkits, Botnets Spring 2015 Franziska (Franzi) Roesner

403 views • 37 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 5 Viruses & Worms, Botnets, Todays Threats Viruses & Worms Viruses Program

693 views • 31 slides
Viruses & Worms Thanks to Prof. Vern Paxson for these slides Malware That Propagates

Viruses & Worms Thanks to Prof. Vern Paxson for these slides Malware That Propagates

Viruses & Worms Thanks to Prof. Vern Paxson for these slides Malware That Propagates Virus = code that propagates (replicates) across systems by arranging to have itself eventually executed Generally infects by altering stored code

800 views • 67 slides
Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ April 19, 2011 Announcements Matthias out for at least this coming week :-(

864 views • 31 slides
Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ April 19, 2011 Announcements Matthias out for at least this coming week :-(

468 views • 46 slides
Today Memory layout Buffer overflow, worms, and viruses

Today Memory layout Buffer overflow, worms, and viruses

University of Washington Today Memory layout Buffer overflow, worms, and viruses 1 University of Washington not drawn to scale IA32 Linux Memory

446 views • 22 slides
Malicious Logic Trojan Horses Viruses Worms Fall 2010 CS 334: Computer Security Slide #1

Malicious Logic Trojan Horses Viruses Worms Fall 2010 CS 334: Computer Security Slide #1

Malicious Logic Trojan Horses Viruses Worms Fall 2010 CS 334: Computer Security Slide #1 Introduction Malicious Logic: a set of instructions that cause violation of security policy Idea taken from Troy: to breach an impenetrable

1.3k views • 109 slides
Security Overview Different aspects of security User authentication Protection mechanisms

Security Overview Different aspects of security User authentication Protection mechanisms

CS399 New Beginnings Jonathan Walpole Security Overview Different aspects of security User authentication Protection mechanisms Attacks: - trojan horses, spoofing, logic bombs, trap doors, buffer overflow attacks, viruses, worms, mobile

825 views • 59 slides
Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses, diseases Online viruses, worms Fashion Adoption of technologies Behavior Ideas Example: Ebola virus First emerged in Zaire

621 views • 29 slides
Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses, diseases Online viruses, worms Fashion Adoption of technologies Behavior Ideas Example: Ebola virus First emerged in

519 views • 26 slides
AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses

AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses

VIRUSES, WORMS, AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses Intrusion detection Behavioral detection Firewalls Virus/antivirus Application firewalls coevolution paper discussed

915 views • 56 slides
Malware: Botnets, Viruses, and Worms Damon McCoy Slide Credit: Vitaly Shmatikov slide 1

Malware: Botnets, Viruses, and Worms Damon McCoy Slide Credit: Vitaly Shmatikov slide 1

Malware: Botnets, Viruses, and Worms Damon McCoy Slide Credit: Vitaly Shmatikov slide 1 Malware Malicious code often masquerades as good software or attaches itself to good software Some malicious programs need host programs

1.29k views • 86 slides
Discord Bot CHRIS L Discord What is it? Why does it need bots? Existing bots Why

Discord Bot CHRIS L Discord What is it? Why does it need bots? Existing bots Why

Discord Bot CHRIS L Discord What is it? Why does it need bots? Existing bots Why does it need more bots? Wanted Features Convenience Information Grabbing Administration Technologies used Node.js Discord JS

338 views • 12 slides
Swine H1NI Influenza A: Transmission of Viruses in Indoor Air: HVAC System Protection Options

Swine H1NI Influenza A: Transmission of Viruses in Indoor Air: HVAC System Protection Options

Swine H1NI Influenza A: Transmission of Viruses in Indoor Air: HVAC System Protection Options Federal Interagency Committee for Indoor Air Quality Environmental Protection Agency June 3, 2009 Steven Welty CAFS, CIE, LEED AP Green Clean Air

694 views • 52 slides
FILARIAL WORMS Found mainly in tropical regions in Asia Threadlike worms live in the

FILARIAL WORMS Found mainly in tropical regions in Asia Threadlike worms live in the

FILARIAL WORMS Found mainly in tropical regions in Asia Threadlike worms live in the blood and lymph vessels of birds and mammals. They are transmitted by mosquitoes. Cause severe infections Worms block passage of lymph

390 views • 8 slides
famil y Pathogenic bacteria, toxins, parasites and viruses Commensal bacteria (inc. B.

famil y Pathogenic bacteria, toxins, parasites and viruses Commensal bacteria (inc. B.

famil y Pathogenic bacteria, toxins, parasites and viruses Commensal bacteria (inc. B. fragilis) Bacterial autoimmune triggers Dysbiotic bacteria Phyla microbiota ratios Opportunistic parasites Worms Yeast, fungi and

114 views • 10 slides
1 Deixis Study (will explain ) Synchronous Co-located We analyzed the use of graphs as

1 Deixis Study (will explain ) Synchronous Co-located We analyzed the use of graphs as

ICS 463: Intro to Human Computer Example Applications Interaction Design Workgroups 4. Understanding Users: Meeting support (GDSS) Collaboration Distributed teams (CSCL) Communities Of practice Of interest

365 views • 9 slides
Scala - The Simple Parts Martin Odersky Typesafe and EPFL 10 Years of Scala Grown Up?

Scala - The Simple Parts Martin Odersky Typesafe and EPFL 10 Years of Scala Grown Up?

Scala - The Simple Parts Martin Odersky Typesafe and EPFL 10 Years of Scala Grown Up? Scalas user community is pretty large for its age group. ~ 100000 developers ~ 200000 subscribers to Coursera online courses. #13 in RedMonk

655 views • 52 slides
Frontend Web Development with Angular CC BY-NC-ND Carrot & Company GmbH Agenda

Frontend Web Development with Angular CC BY-NC-ND Carrot & Company GmbH Agenda

Frontend Web Development with Angular CC BY-NC-ND Carrot & Company GmbH Agenda Questions Some infos Presentations Presentation Discussion Grading Tutorial for practicals A bit of web and angular

403 views • 17 slides
Statistical Natural Language Processing Dr. Besnik Fetahu Lecture Lecture: Thursdays:

Statistical Natural Language Processing Dr. Besnik Fetahu Lecture Lecture: Thursdays:

Statistical Natural Language Processing Dr. Besnik Fetahu Lecture Lecture: Thursdays: 10:00 11:30 Location: MultiMedia Raum, L3S, Appelstr. 9a Contact: Dr. Besnik Fetahu Tel: 17797 E-mail:

1.1k views • 42 slides
security Peering into Underground Economies Final exam Cumulative Wednesday May 18

security Peering into Underground Economies Final exam Cumulative Wednesday May 18

This time On top of the stack Application-layer security Peering into Underground Economies Final exam Cumulative Wednesday May 18 Software security Crypto 10:30 AM 12:30 PM Networking HERE (CSIC 2117) Teaching

1.03k views • 91 slides
Brian Moran, Seraphina Goldfarb-Tarrant, Alex Xiao, Sujie Zhu, Qi Hu, Catharine Youngs 1 Provide

Brian Moran, Seraphina Goldfarb-Tarrant, Alex Xiao, Sujie Zhu, Qi Hu, Catharine Youngs 1 Provide

Brian Moran, Seraphina Goldfarb-Tarrant, Alex Xiao, Sujie Zhu, Qi Hu, Catharine Youngs 1 Provide a means for Alexa-users to search for restaurant options from the comfort of their own home by giving the system a set of parameters verbally via

392 views • 11 slides
Computational Thinking Artificial Intelligence Computational Thinking www.ugrad.cs.ubc.ca/~cs100

Computational Thinking Artificial Intelligence Computational Thinking www.ugrad.cs.ubc.ca/~cs100

Computational Thinking Artificial Intelligence Computational Thinking www.ugrad.cs.ubc.ca/~cs100 Learning Goals CT Application: Students will be able to describe what AI is currently capable of CT Application: Students will be able

514 views • 26 slides
Compartmentalized Continuous Integration David Neto Devin Sundaram Senior MTS Senior MTS

Compartmentalized Continuous Integration David Neto Devin Sundaram Senior MTS Senior MTS

Compartmentalized Continuous Integration David Neto Devin Sundaram Senior MTS Senior MTS Altera Corp. THAT SPECIAL THING 2000 That special thing 2007 p4 vs. svn 2009 Collaboration++ THREE TAKEAWAYS Continuous Integration is tough

887 views • 57 slides

More recommend