The Ecology of Malware

The Ecology of Malware - PowerPoint PPT Presentation

PowerPoint Slideshow about 'The Ecology of Malware' - ossie

Presentation Transcript

The Ecology of Malware

CPIS 210

John Beckett

Is it Alive?
  • In a manner of speaking – it can reproduce and spread
  • Not quite – it requires an active, artificial host
Why?
  • Curiosity
    • “Hacker” used to mean simply someone who was curious enough to make a computer go beyond its design
  • Fame/notoriety
  • Profit
    • Taking servers hostage
    • Attacking competing malware vendors’ reputations
  • Warfare
The Epidemiological Dilemma
  • If a virus is not very vigorous about spreading, it will die off
  • If a virus does nothing to affect its hosts’ activity, it will not be noticed
  • If a virus destroys its hosts, it will lose its deployment platform
  • The “ideal” virus spreads despite the damage it does
    • Perhaps delays damage until it has spread
    • Perhaps does all its damage to other devices
The Big Target
  • Infect an update of a widely-used piece of software, so that the malware is distributed by the vendor
  • This is why you should be careful where you get downloads from!
Infection Routes
  • Email
    • Encrypt the virus, and provide the decryption key in clear-text in the email
  • Seductive Web sites
    • Females: social networking, “cute” tools
    • Males: porn
  • Legitimate sources
    • Infect pdf, jpg, whatever…
The Signature Method
  • Determine a pattern indicating that a virus is present
  • Publish that in a “signature list” update
  • Software watches for that pattern
  • Oops – The malware got to you before the signature
  • Oops – The signature had a false positive on something good (like Excel.exe)
  • An anti-virus company contains people with a great deal of skill in that field.
  • It is tempting to create a virus other AV products can’t handle.
  • Has this happened?
    • Are we getting trapped into an endless cycle of expense and trouble?
  • The real answer: “Baked-in” protection.
    • Microsoft is beginning this with Windows 8
    • Recognizing that protection is a vital part of an OS
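
As an added illustration of the Signature Method slide above (not part of the original presentation), this Python sketch runs a constructed signature list over constructed byte samples and shows both "Oops" cases: a re-encoded variant that is missed until the list is updated, and an overly broad pattern that flags a benign executable. All names, patterns and samples are made up for the example.

```python
"""Toy signature scanner. Patterns and samples are constructed, not real malware."""

# Constructed "signature list": detection name -> byte pattern (all hypothetical).
SIGNATURES_V1 = {
    "Demo.Worm.A": bytes.fromhex("deadbeef4d414c57"),
    # Overly broad: "MZ" opens every Windows executable, good or bad.
    "Demo.Generic.B": b"MZ",
}

def xor_encode(payload: bytes, key: int) -> bytes:
    """Stand-in for a variant that re-encodes its body, changing every byte."""
    return bytes(b ^ key for b in payload)

def scan(data: bytes, signatures: dict) -> list:
    """Return the sorted names of all signatures whose pattern occurs in data."""
    return sorted(name for name, pattern in signatures.items() if pattern in data)

def updated_signatures(old: dict) -> dict:
    """Next list update: retire the broad pattern, add the variant's bytes."""
    new = {name: pat for name, pat in old.items() if name != "Demo.Generic.B"}
    new["Demo.Worm.A2"] = xor_encode(old["Demo.Worm.A"], 0x5A)
    return new

# Constructed samples.
PAD = b"\x00" * 16
KNOWN_SAMPLE = PAD + SIGNATURES_V1["Demo.Worm.A"] + PAD
NEW_VARIANT = PAD + xor_encode(SIGNATURES_V1["Demo.Worm.A"], 0x5A) + PAD
BENIGN_EXE = b"MZ\x90\x00" + b"ordinary spreadsheet program"

if __name__ == "__main__":
    v2 = updated_signatures(SIGNATURES_V1)
    for label, sample in [("known sample", KNOWN_SAMPLE),
                          ("new variant", NEW_VARIANT),
                          ("benign exe", BENIGN_EXE)]:
        print(f"{label:13} v1={scan(sample, SIGNATURES_V1)} v2={scan(sample, v2)}")
```

With the first list the variant goes undetected and the benign file is flagged; only the next list update corrects both, which is the window the slide describes.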
The Future of Malware (Beckett’s take)
  • Among elite, increasing focus on high-value targets
    • People with deep pockets
    • Military adversaries
      • Or potential adversaries
  • Continued phishing threats
    • “There’s a sucker born every minute”
    • Compromised accounts sold in bulk like corn or hogs
  • Increased blurring of lines between malware, annoy-ware, and remote-service back-doors
  • Creation of “good” viruses
  • Proprietary software “calling home” to report
    • Hard to distinguish from malware
Pathological User Behaviors
  • Trying things without considering the dangers.
  • Ignoring dangers one doesn’t understand.
  • Failing to take reasonable steps to protect oneself.
  • Self-justifying behaviors as being necessary, even after they are discovered to be dangerous.
  • Using perceived (perhaps illusory) dangers as an excuse not to use new technology.
    • Even if new tech is safer than old methods

Why do I even have to deal with this?

I was told this was a really great idea!

That’s your problem, not mine