01-01-2013, 12:04 PM
Programmed Threats
Programmed Threats: Introduction
Definition
A piece of program code that presents a security threat to a system, i.e. it has the potential to cause damage, loss or harm.
Nature of loss or harm may include
Denial or degradation of service
Unauthorized access to information or resources
Destruction, corruption or fabrication of information
Trap Doors (1)
Secret undocumented entry point.
Bypasses the normal methods of authentication. Triggered by:
Special character sequence.
User account.
Typically included for debugging, but developers may forget to remove it from production versions.
Countermeasure: rigorous development checks for trap doors.
Design and code peer review, audit
Logic Bombs (1)
Embedded within applications.
Dormant until triggered e.g. by
presence or absence of a certain file or record
a particular day of week,
a particular user running the application.
Action: destroy, alter or encrypt data, halt machine, disable application.
What if time bomb used to perform above actions unless license fee or other payment is made? What is acceptable ethically and/or legally?
Viruses
Insert themselves into other host programs or system code.
When the code is executed, the virus also runs.
Performs a disguised malicious function e.g.
Destroy or alter data and programs
Interfere with normal operations
Cause denial or degradation of service
Cause other undesirable effects.
Viruses: Classification
Parasitic virus:
replicates when an infected program is run.
OS-resident virus:
lodges in OS and infects every program run.
Boot sector virus:
infects disk's boot block
Polymorphic virus:
mutates to evade detection
Macro virus:
executable code embedded within documents
Worms
An independent program which propagates from machine to machine. May carry a virus or logic bomb.
Exploits flaws in OS or inadequate system management to propagate.
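
As an added example (not part of the original slides), here is one way to support the code-review countermeasure listed under Trap Doors: a Python check that flags places where a credential-like variable is tested against a hard-coded string. The identifier list, the function name find_trapdoor_candidates and the sample login routine are assumptions constructed for illustration.

```python
import ast

# Identifier fragments that suggest an authentication input (assumed heuristic).
SENSITIVE = ("user", "login", "account", "pass", "pwd", "secret", "token")

# Constructed sample: a login routine with leftover debugging trap doors.
SAMPLE = '''
def check_login(username, password, db):
    if username == "maint" and password == "":      # leftover debug account
        return True
    if password.endswith("\\x07\\x07"):               # special character sequence
        return True
    return db.verify(username, password)
'''

def _name(node):
    """Return the identifier behind a Name/Attribute node, else ''."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        return node.attr
    return ""

def _is_sensitive(node):
    return any(s in _name(node).lower() for s in SENSITIVE)

def _is_str_literal(node):
    return isinstance(node, ast.Constant) and isinstance(node.value, str)

def find_trapdoor_candidates(source):
    """Return sorted (line, reason) pairs worth a reviewer's attention."""
    hits = set()
    for node in ast.walk(ast.parse(source)):
        # username == "literal" or "literal" == password
        if isinstance(node, ast.Compare):
            operands = [node.left] + node.comparators
            if any(_is_sensitive(o) for o in operands) and any(_is_str_literal(o) for o in operands):
                hits.add((node.lineno, "credential compared with literal"))
        # password.startswith("literal") / password.endswith("literal")
        elif (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
              and node.func.attr in ("startswith", "endswith")
              and _is_sensitive(node.func.value)
              and any(_is_str_literal(a) for a in node.args)):
            hits.add((node.lineno, "credential matched against literal"))
    return sorted(hits)

if __name__ == "__main__":
    for line, reason in find_trapdoor_candidates(SAMPLE):
        print(f"line {line}: {reason}")
```

A hit is only a prompt for the reviewer; legitimate code can match and a well-hidden trap door may not, so the check supplements peer review and audit rather than replacing them.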