What is Malcode?

Dr. Richard Ford


Transcript of What is Malcode?

Page 1: What is Malcode?

What is Malcode?

Dr. Richard Ford

Page 2: What is Malcode?

What are we going to talk about?

Fundamental Definitions

What is Malcode?

Malcode Overview

Follows: Szor Ch.1 & 2.

Page 3: What is Malcode?

How I Got Involved

Like most researchers, I got hit by a Virus

I disassembled the virus, and began on this wonderful journey of discovery…

Making every possible mistake on the way!

Page 4: What is Malcode?

Malicious Code v. MMC

MMC = Malicious Mobile Code

Critical word: Mobile

MMC is designed to move from one machine to another

Page 5: What is Malcode?

Types of Malcode

Viruses

Trojan Horses

Worms

Blended threats

Page 6: What is Malcode?

Virus

A virus is a malicious program that modifies other host files or boot areas to replicate. In most cases, the host object is modified to contain a complete copy (possibly evolved) of the malicious program code. The newly infected object is capable of spreading the “infection” further.

Page 7: What is Malcode?

Trojan

A Trojan, or Trojan Horse, is a non-replicating program masquerading as one type of program with its real intent hidden from the user.

Page 8: What is Malcode?

Worm

A worm is a piece of replicating code that uses its own program coding to spread with minimal user intervention. Unlike viruses, worms do not “infect” other programs or boot sectors.

Page 9: What is Malcode?

Blended Threat

Replication + something else bad (like an exploit)

Page 10: What is Malcode?

Spyware

A technology that aids in gathering information about a user or content of a machine without that user’s knowledge

Page 11: What is Malcode?

Adware

Pretty much Spyware that tells you exactly what it’s going to do…

Always read the EULA…

Page 12: What is Malcode?

“Pest”

Colloquial but descriptive

“Any piece of software that the user doesn’t want”

Page 13: What is Malcode?

Other Terms…

In The Wild

Dr0pper

“Generation 0” <- this is a zero

Payloads

Rootkit

Page 14: What is Malcode?

Naming Viruses?

Interesting problem

Go ahead and read: http://www.virusbtn.com/magazine/archives/pdf/2003/200303.pdf (p14) That Which We Call Rose.A

What really is in a name?

For the other side, read http://www.virusbtn.com/magazine/archives/200301/caro.xml or Szor Chapter 2, 2.5.

Page 15: What is Malcode?

Discussion

What is the goal of virus naming?

Assignment: Read Szor Ch.1 & 2 for Tuesday’s class

Page 16: What is Malcode?

“Good” viruses?

Is there any such thing as a good virus?

What do you think about this: http://www.samspublishing.com/articles/printerfriendly.asp?p=337309&rl=1

Page 17: What is Malcode?

Next Lesson

Viruses and their environment…