
The Ecology of Malware


Presentation Transcript


  1. The Ecology of Malware
     CPIS 210
     John Beckett

  2. Is it Alive?
     • In a manner of speaking – it can reproduce and spread
     • Not quite – it requires an active, artificial host

  3. Why?
     • Curiosity
       • “Hacker” used to mean simply someone who was curious enough to make a computer go beyond its design
     • Fame/notoriety
     • Profit
     • Taking servers hostage
     • Attacking competing malware vendors’ reputations
     • Warfare

  4. The Epidemiological Dilemma
     • If a virus is not very vigorous about spreading, it will die off
     • If a virus does nothing to affect its hosts’ activity, it will not be noticed
     • If a virus destroys its hosts, it will lose its deployment platform
     • The “ideal” virus spreads despite the damage it does
       • Perhaps delays damage until it has spread
       • Perhaps does all its damage to other devices

  5. The Big Target
     • Infect an update of a widely-used piece of software, so that the malware is distributed by the vendor
     • This is why you should be careful where you get downloads from!

  6. Infection Routes
     • Email
       • Encrypt the virus, and provide the decryption key in clear-text in the email
     • Seductive Web sites
       • Females: social networking, “cute” tools
       • Males: porn
     • Legitimate sources
       • Infect pdf, jpg, whatever…

  7. The Signature Method
     • Determine a pattern indicating that a virus is present
     • Publish that in a “signature list” update
     • Software watches for that pattern
     • Oops – The malware got to you before the signature
     • Oops – The signature had a false positive on something good (like Excel.exe)

  8. Hush!
     • An anti-virus company contains people with a great deal of skill in that field.
     • It is tempting to create a virus other AV products can’t handle.
     • Has this happened?
     • Are we getting trapped into an endless cycle of expense and trouble?
     • The real answer: “Baked-in” protection.
       • Microsoft is beginning this with Windows 8
       • Recognizing that protection is a vital part of an OS

  9. The Future of Malware (Beckett’s take)
     • Among elite, increasing focus on high-value targets
       • People with deep pockets
       • Military adversaries
         • Or potential adversaries
     • Continued phishing threats
       • “There’s a sucker born every minute”
     • Compromised accounts sold in bulk like corn or hogs
     • Increased blurring of lines between malware, annoy-ware, and remote-service back-doors
     • Creation of “good” viruses
     • Proprietary software “calling home” to report
     • Hard to distinguish from malware

  10. Pathological User Behaviors
     • Trying things without considering the dangers.
     • Ignoring dangers one doesn’t understand.
     • Failing to take reasonable steps to protect oneself.
     • Self-justifying behaviors as being necessary, even after they are discovered to be dangerous.
     • Using perceived (perhaps illusory) dangers as an excuse not to use new technology.
       • Even if new tech is safer than old methods

     Why do I even have to deal with this?
     I was told this was a really great idea!
     That’s your problem, not mine
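
The signature method from slide 7, with both of its “Oops” cases, shown as an added example that is not part of the original presentation. The hex-with-wildcard pattern format, the signature names and all sample bytes are constructed for illustration.

```python
import re

def compile_signature(hex_pattern):
    """Turn a hex pattern such as 'de ad ?? be ef' into a bytes regex ('??' = any byte)."""
    parts = []
    for tok in hex_pattern.split():
        if tok == "??":
            parts.append(b".")
        else:
            parts.append(re.escape(bytes([int(tok, 16)])))
    return re.compile(b"".join(parts), re.DOTALL)

def load_signature_list(entries):
    """entries: {name: hex_pattern} -> {name: compiled pattern}."""
    return {name: compile_signature(p) for name, p in entries.items()}

def scan(data, signatures):
    """Return the sorted names of every signature whose pattern occurs in data."""
    return sorted(name for name, pat in signatures.items() if pat.search(data))

# Constructed, harmless sample data (not real malware and not real signatures).
SAMPLE_A = b"header" + bytes.fromhex("de ad 01 be ef c0 de") + b"trailer"
SAMPLE_B = b"header" + bytes.fromhex("fa ce 0f f0 0d") + b"trailer"  # newer family
BENIGN = b"spreadsheet" + bytes.fromhex("de ad 77 10 20") + b"data"

# Two successive "signature list" updates, as published by a hypothetical vendor.
LIST_V1 = load_signature_list({"Demo.A": "de ad ?? be ef c0 de"})
LIST_V2 = load_signature_list({"Demo.A": "de ad ?? be ef c0 de",
                               "Demo.B": "fa ce 0f f0 0d"})
# An over-broad signature: only two fixed bytes, so unrelated files match it.
LIST_BAD = load_signature_list({"Demo.A": "de ad ??"})

def demo():
    return {
        "known_sample_v1": scan(SAMPLE_A, LIST_V1),  # detected
        "new_sample_v1": scan(SAMPLE_B, LIST_V1),    # missed: no signature yet
        "new_sample_v2": scan(SAMPLE_B, LIST_V2),    # detected after the update
        "benign_v2": scan(BENIGN, LIST_V2),          # clean
        "benign_bad": scan(BENIGN, LIST_BAD),        # false positive
    }

if __name__ == "__main__":
    for case, hits in demo().items():
        print(f"{case:16} -> {hits or 'clean'}")
```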
