Malware can be loosely defined as malicious computer executable programs that run without user consent and are often designed to cause harm. As computer systems have become more complex and interconnected, the number and types of malware have proliferated. Malware may spread by exploiting vulnerabilities in operating systems or software, or by tricking users into installing programs that contain malware payloads. Common types of malware include viruses, worms, spyware, and botnets.
1. Can be loosely defined as “Malicious computer executable”
2. A somewhat flexible definition
3. Annoying software or program codes
4. Running code without the user’s consent
5. “If you let somebody else execute code on your computer, then it is not your own computer”
6. Not only virus or worm
7. Sometimes known as computer contaminant
8. Should not be confused with defective software which contains harmful bugs
9. Growing number and connectivity of computers (“everybody” is connected and dependent on computers, the number of attacks increases, attacks can be launched easily (automated attacks))
10. Growing system complexity (unsafe programming languages, hiding code is easy, verification and validation is impossible)
11. Systems are easily extensible (mobile code, dynamically loadable modules, incremental evolution of systems)
12. Types of malware
13. This is the oldest one
14. First well-known worm was known as the Morris Worm (used a BSD Unix flaw to propagate itself)
15. ______ requires hosts (Word document, etc.)
16. _____ uses address books of the infected computers (1999)
17. Growth of Internet helped spawn spyware
18. Largely fueled by the prospect of monetary gain
19. Does not spread like viruses; instead packaged with user-installed software (mostly p2p programs)
20. Least virulent forms cause sluggish systems, slow Web browsing, annoying pop-ups
21. More dangerous spyware tracks browsing habits or sensitive information
22. ______ makers infect multiple systems (creates massive botnets that can be used to launch Distributed Denial of Service attacks)
23. ______ is a way to secretly install a piece of malware on a system (it could be adware or a keylogger; it sneaks onto a system and delivers an unexpected and potentially devastating payload)
24. E.g. when all computers in a network run the same OS, if you can break that OS, you can break into any computer running it.
25. Most systems contain errors which may be exploited by malware.
26. Code from a floppy disk, CD-ROM or USB device may be executed without the user’s agreement.
27. Some systems allow all users to modify their internal structures.
28. Most popular systems allow code executed by a user all rights of that user.
29. It is a piece of code that infects other programs by modifying them
30. It can also spread into programs in other computers by several ways
31. It secretly executes when host program is run
32. It is specific to a particular software/hardware platform
33. Idle, not all of them have this phase
34. Copies itself into other programs
35. Activated by a system event
36. Runs its payload (part for malicious actions)
37. The infected program will first run the virus code when invoked
38. If the infection phase is fast, then it will be unrecognizable
39. Infected version of a program is longer than the normal
40. Traditional kind
41. Locates in memory, infects executing programs
42. Infects MBR, spreads when system is booted
43. Compression technique, intercept logic in disk I/O routines
44. Makes detection by signature impossible by adding junk instructions, changing instruction order or using encryption
45. Similar to polymorphic virus, additionally changes its behaviour
46. Platform independent
47. Infects Microsoft Word documents
48. Easily spread by e-mails
49. E.g. Melissa, sends mails with Word attachment
50. Sends itself to everyone on the mail list in email package
51. Strengthens the propagation phase of virus
52. Applications that are installed on a user’s computer to track and/or report certain information back to some external source
53. Usually installed and run without the permission of the user
54. Behave in a manner that is annoying or undesirable
55. Designed to harm the performance of computers
56. Hackers use grayware to load and run programs that (collect information, track usage patterns, invade privacy)
57. Included with freeware
58. Does not notify the user of its existence or ask permission to install the components
59. Designed to track & analyze a user’s activity
60. Embedded in freeware applications that users can download & install at no cost
61. Used to load pop-up browser windows to deliver advertisements
62. Considered to be invasive
63. One of the most dangerous applications
64. Installed to capture the keystrokes
65. Manipulates the Web browser or other settings to change the user’s favorite or bookmarked sites, start pages or menu options. Some can also manipulate DNS settings
66. Designed to add additional programs or features to an existing application in an attempt to control, record and send browsing preferences or other information back to an external destination
67. Designed to be installed for malicious purposes
68. Used to change network settings, disrupt network security
69. Allow an external user to remotely gain access, change or monitor a computer on a network
70. DLL files that are often installed as part of a software application to allow a program to control the behaviour of Internet Explorer. Can track surfing habits
71. Allow an external user to remotely gain access, change or monitor a computer on a network
72. Send & receive lights on modem or the network icons on the task bar are flashing even though you are not performing any online process
73. Is another type of proper looking software
74. Usually encoded in a hidden payload
75. Used in installation of backdoors
76. It is a self-contained program and does not need human intervention unlike e-mail virus
77. Replicates and sends copies of itself from computer to computer
78. Performs disruptive or destructive actions
79. May change its process name to system processes
80. Released in 1998 by Robert Morris
81. Designed for UNIX systems
82. Released in July of 2001
83. Exploits a security hole in Microsoft IIS
84. It locates in RAM memory
85. Abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages
86. Remains economically viable
87. Unsolicited bulk e-mail (UBE)
88. Unsolicited commercial e-mail (UCE)
89. DDoS attacks make computer systems inaccessible by flooding servers, networks and end-user computers
90. In a DDoS attack a large number of compromised hosts are amassed
91. If an attack comes from a single machine, it is referred to as a DoS
92. DDoS attack attempts to consume target’s resources
93. Consume operation is based on: