
CS682 – Session 8

CS682 – Session 8. Prof. Katz. Virus Warning.

tallys

Presentation Transcript


  1. CS682 – Session 8 Prof. Katz

  2. Virus Warning DO NOT OPEN "NEW PICTURES OF FAMILY" It is a virus that will erase your whole "C" drive. It will come to you in the form of an E-Mail from a familiar person. I repeat a friend sent it to me, but called & warned me before I opened it. He was not so lucky and now he can't even start his computer! Forward this to everyone in your address book. I would rather receive this 25 times than not at all. Also: Intel announced that a new and very destructive virus was discovered recently. If you receive an email called "FAMILY PICTURES," do not open it. Delete it right away! This virus removes all dynamic link libraries (.dll files) from your computer. Your computer will not be able to boot up.

  3. Virus • Dear Friends, We have been unwittingly just infected with a virus from someone's email. THIS Klez Worm VIRUS SENDS ITSELF TO ALL THE ADDRESSES IN THE ADDRESS BOOK OF THE COMPUTER IT HAS ARRIVED AT. Take the time and remove it now. The instructions are easy and I got rid of it in a few minutes. Some versions of anti virus software including Norton and Inoculate T have not been able to detect it. It is said that the virus HIDES in the computer for 2 weeks and then DAMAGES THE DISC IRREPARABLY. The virus is called sulfnbk.exe. Many apologies for the trouble it is causing. 1. Go to "Start" and click on "Find" 2. In the box, "find files or folders" type in sulfnbk.exe (the name of the virus) 3. Make sure you are searching in the C-drive (check in the box marked "Search in") 4. Click on Find 5. If the file is found you will find an ugly black icon with the name sulfnbk.exe This file is a program. DO NOT OPEN IT !!!!!! 6. Click on the RIGHT button of the mouse, on the file name, and then click on DELETE with the LEFT BUTTON OF THE MOUSE. 7. You will be asked to send this file to the recycle bin or wastebasket---respond YES 8. Open the recycle bin and eliminate the file, manually or by emptying the entire recycle bin or wastebasket. 9. If you do find this virus in your computer, send this email to all the people in your address book because the virus is transmitted in this way. (Even if you don't find the virus, you should probably still send this email to all your addresses) 10. I thought this was a joke at first but it is not and we found the ugly icon when we followed the above directions. Good luck.

  4. Virii • Computer virii are as old as computers themselves • Originally written as a “Proof of concept” • Competitions were created • There are now almost 60,000 known virii

  5. Propagation methods • Manual – User Intervention required • Email – Either with or without user intervention • Physical – Via infected media • Network – usually RPC or SMB protocols

  6. Different Flavors • Hoaxes • Infectious • Worms • Trojans

  7. Hoaxes • Generally try to convince the user of some believable event • Most commonly in the form of email messages (e.g. government bill to charge for email usage) • (Unfortunately) Cannot be stopped by software

  8. Protecting against Hoaxes • Check one of the following sites: • http://www.ciac.org • http://www.sarc.com • http://www.datafellows.com

  9. Types of Infectious virii • Master Boot Record • File infection • Macro • Email

  10. MBR Infections • Require physical transfer of a disk from one computer to another • They will overwrite a portion of the Master Boot Record on the host to become active in memory each time the computer restarts • Future accesses through BIOS calls to the floppy disk will result in infections

  11. File Infection • Usually executable files • Infection will usually result in overwriting/rewriting command.com or autoexec.bat, or adding a registry value under HKLM\Software\Microsoft\Windows\CurrentVersion\Run • These virii are usually passed manually or physically, rarely by email • Sometimes benign

  12. Macro virii • Application specific, usually .wp or .doc • These will usually contain some VB code to do harm to the host or otherwise infect it • Common propagation includes modifying normal.dot so that every Word document the user creates is infected

  13. Email • Now the most common (and most rapidly propagating) virii • Sometimes application specific (usually to MS Outlook), otherwise classified as a trojan • Examples: KakWorm, Happy99, Melissa

  14. Worms • Originally named for the way a Xerox memory print-out looked when infected • Self-replicating • Usually classified as a kind of infectious virii

  15. Trojans • Users are coerced into activating these virii • Can do anything from providing remote control of the system to causing worm-like infection • E.g. Trinn, Back Orifice, Love Letter

  16. Biometric Authentication

  17. Biometric Authentication • Authentication using measurable physiological and/or behavioral characteristics • Replacements to Username/Password combinations

  18. Problems with U/P authentication • Users frequently document their password • Loss of the password requires administrative intervention • “Passing” of the password becomes frequent

  19. Biometric advantages • Authentication is by a combination of what you know and what you are • “Passing” what you are is difficult or impossible • Impersonation becomes an impossibility • Indirect Advantages • Can test medical health with authentication • Using centralized database can authorize/unauthorize people very quickly

  20. Biometric Template storage • At the authentication point • Central Repository • On a portable token with the user

  21. Biometric types • Fingerprint • Hand Geometry • Voice Recognition • Retinal Scanning • Iris Scanning • Signature • Facial Recognition

  22. Fingerprint • 12 or more points on the finger are scanned for a match • Gaining popularity, low cost • Easy to implement • Cuts or dirt can cause false rejects • Intruders can obtain fingerprints from anything the authentic user has touched • Digits are easily removed from the body

  23. Hand Geometry • Physical characteristics of the hand are measured • False reject rate (FRR) is very low • Popularity means low cost • Requires a scanner large enough for the hand

  24. Voice Recognition • A line of text is read, key points are compared to a baseline sample • Users like the idea of talking to computers • Background noise, anxiety and the common cold can cause a failure • Large storage space required for the template

  25. Retinal Scanning • The inside of the eye contains blood vessels which form in a unique way for each individual • Very accurate • Almost impossible to steal • Users will not like being shot with a laser • Medical problems may inhibit authentication

  26. Iris Scanning • Scans the random pattern of the iris • Overcomes many of the problems of Retinal scanners • Almost impossible to steal • Users don’t trust the safety of the cameras

  27. Signature Verification • The user’s signature is compared with a baseline sample • Users feel comfortable • Inexpensive • High failure rate • Easy to steal

  28. Facial recognition • Distance from a midline to key points on the face is measured • Inexpensive • No contact with the device • Background “noise” can cause problems • Immature technology

  29. Problems with Biometrics • Passwords cannot be changed once they are compromised • Identical Twins will have the same biometric readings • Most solutions don’t eliminate the possibility of theft
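Slide 22 describes fingerprint matching as "12 or more points" and notes that cuts or dirt cause false rejects. The following added example (not from the original slides) works through that with a simplified matcher. The tolerances, the point format (x, y, ridge angle) and the sample prints are assumptions, and the prints are assumed to be already aligned, which a real matcher has to do first.

```python
import math

MATCH_THRESHOLD = 12   # from slide 22: "12 or more points"
DIST_TOL = 8.0         # assumed position tolerance, in pixels
ANGLE_TOL = 15.0       # assumed ridge-angle tolerance, in degrees

def angle_diff(a: float, b: float) -> float:
    """Smallest difference between two angles in degrees."""
    d = abs(a - b) % 360
    return min(d, 360 - d)

def count_matches(template, probe) -> int:
    """Greedy one-to-one pairing of probe points to the nearest template point."""
    used, matched = set(), 0
    for px, py, pa in probe:
        best, best_d = None, None
        for i, (tx, ty, ta) in enumerate(template):
            if i in used:
                continue
            d = math.hypot(px - tx, py - ty)
            if d <= DIST_TOL and angle_diff(pa, ta) <= ANGLE_TOL:
                if best_d is None or d < best_d:
                    best, best_d = i, d
        if best is not None:
            used.add(best)       # each template point may be claimed only once
            matched += 1
    return matched

def authenticate(template, probe) -> bool:
    return count_matches(template, probe) >= MATCH_THRESHOLD

# Constructed data: a 16-point enrolled template on a 30-pixel grid.
TEMPLATE = [(30 * (i % 4) + 20, 30 * (i // 4) + 20, (i * 23) % 360)
            for i in range(16)]
# Same finger, slight sensor jitter: every point still falls within tolerance.
GENUINE = [(x + 2, y - 1, (a + 3) % 360) for x, y, a in TEMPLATE]
# Same finger with a cut or dirt hiding six points: a false reject.
DAMAGED = GENUINE[6:]
# Different finger: points land between the enrolled ones.
IMPOSTOR = [(x + 15, y + 15, a) for x, y, a in TEMPLATE]

if __name__ == "__main__":
    for name, probe in (("genuine", GENUINE), ("damaged", DAMAGED),
                        ("impostor", IMPOSTOR)):
        print(name, count_matches(TEMPLATE, probe), authenticate(TEMPLATE, probe))
```

Lowering the threshold would accept the damaged print but also accepts probes with fewer points in common, which is the trade-off between false rejects and false accepts.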
