
Spyware


  1. Spyware
     Is your computer being used against you while you sleep?
     By Paul Box, CS526

  2. Outline
     • Why do we care?
     • What is Spyware?
     • What do we do about it?
     • The Spyware test.
     Paul Box / CS526

  3. Why do we care?
     • Spyware is becoming very prevalent
     • Spyware is a way to make cheap and easy money
     • Spyware users want to make this money from you
     • If you are not cautious, they may be making money from you now
     • Some of the ways to make money can really harm you.

  4. So what is spyware?
     • There are many types of spyware:
       • Adware
       • Dialers
       • Joke Programs
       • Hack Tools
       • Remote Access programs
       • Spyware

  5. Adware
     • “Programs that facilitate delivery of advertising content to the user through their own window, or by utilizing another program's interface. In some cases, these programs may gather information from the user's computer, including information related to Internet browser usage or other computing habits, and relay this information back to a remote computer or other location in cyber-space.”

  6. Adware
     • These are pop-up programs, or programs that gather information about computer usage
     • Used by people trying to make money from directed spam and advertising
     • Example: Adware.WinFavorites
       • Checks your favorites and sends pop-ups that relate to them

  7. Dialer
     • “Programs that use a computer or modem to dial out to a toll number or internet site, typically to accrue charges. Dialers can be installed with or without a user’s explicit knowledge, and may perform their dialing activity without a user’s specific consent prior to dialing.”

  8. Dialer
     • Typically a program that takes over a modem and dials out to locations without the user’s consent
     • Usually meant to increase the user’s phone bill
     • Less used as high-speed connections replace dial-up
     • Example: XXXDial
       • Dials an international location to deliver porn to a person’s computer

  9. Joke Programs
     • “Programs that alter or interrupt the normal behavior of your computer, creating a general distraction or nuisance. Joke programs generally do not themselves engage in the practice of gathering or distributing information from the user's computer.”

  10. Joke Programs
     • Usually meant as a joke
     • Usually not malicious or harmful
     • Made by people who just want to show that they could get into a system if they wanted to
     • Example: Joke.Win32.DesktopPuzzle
       • Turns your desktop into a slider puzzle

  11. Hack Tools
     • “Tools that can be used by a hacker or unauthorized user to attack, gain unwelcome access to or perform identification or fingerprinting of your computer.”

  12. Hack Tools
     • 2 Types
       • Keystroke Loggers
       • Distributed denial of service attacks
     • Very malicious
     • Used to glean personal information, bank accounts or passwords
     • Can also help take over a computer to be used to attack another computer

  13. Hack Tools
     • Those who use them are trying to commit identity theft or use a computer's resources to attack other networks (this is a service many hackers pay for)
     • Example: Haxdoor.o
       • Opens port 1661 on the computer and allows full access, which others can use later
     • Example: KeySpy
       • Keystroke logger that records all keystrokes and emails them to an email address

  14. Remote Access programs
     • “Programs that allow one computer to access another computer (or facilitate such access) without explicit authorization when an access attempt is made. Once access is gained, usually over the Internet or by direct dial access, the remote access program can attack or alter the other computer. It may also have the ability to gather personal information, or infect or delete files. They may also create the risk that third party programs can exploit its presence to obtain access.”

  15. Remote Access programs
     • Back Door programs
     • Make it easier to gain access at a later time when it is needed
     • Can be used to have other programs, like hack tools, installed
     • Example: MindControl
       • Opens port 23 to allow full control over a computer

  16. Spyware
     • “Programs that have the ability to scan systems or monitor activity and relay information to other computers or locations in cyber-space. Among the information that may be actively or passively gathered and disseminated by Spyware: passwords, log-in details, account numbers, personal information, individual files or other personal documents. Spyware may also gather and distribute information related to the user's computer, applications running on the computer, Internet browser usage or other computing habits.”

  17. Spyware
     • Used to assist in identity theft
     • Usually a keystroke logger that transmits its information whenever a secure webpage is accessed
     • Example: Realtime-Spy
       • Keystroke logger that records personal passwords and transmits them to a remote account

  18. The Bad Guys
     • Spyware, Remote Access programs and Hack tools
     • Usage:
       • Programs that log keystrokes or screenshots and then send that information to some type of account, where it is used to glean important account and password information.
       • Programs that will be used to allow easier access to the infected computer at a later date.
       • Programs used to take over an infected computer and use its resources for their own purposes

  19. What to do?
     • Spyware removal software
     • Edit the registry
     • Find and remove the program
     • Reformat the hard drive
     • Restore backups
     • Prevention
       • Never go online (ever)
       • Firewalls
       • Spyware detection programs

  20. The Spyware Test
     • Spyware Warrior
     • Decided to test which spyware removal and prevention tools were the best
     • Ran 3 test runs to see which was the best
     • Infected a computer with spyware in a controlled environment
     • Ran spyware search-and-destroy programs to see which was the best
     • Results are found here.

  21. The Spyware Test
     • Results:
       • Determined that none were really any good (none can detect and remove everything)
       • The best were:
         • Adware
         • Microsoft Anti-spyware Beta
         • Pest patrol
         • Spybot Search and Destroy
         • Webroot Spyware Sweeper

  22. The Spyware Test
     • Conclusions:
       • Spyware and adware can prove quite difficult to remove, even for dedicated anti-spyware scanners; even disabling the spyware so it cannot run on reboot, or detecting it, can be difficult.
       • No single anti-spyware scanner removes everything. Even the best-performing anti-spyware scanner in these tests missed fully one quarter of the "critical" files and Registry entries. This means that the programs were at best 75% effective.
       • It is better to use two or more anti-spyware scanners in combination, as one will often detect and remove things that others do not.
       • Prevention is always preferable to scanning and removal.
       • Moreover, users should learn to practice safe computing habits, which include avoiding web sites and programs of unknown or dubious provenance and carefully reading End User License Agreements and Privacy Policies.

  23. References
     • Spyware Test
     • Spyware Definitions
     • Spyware Listings

  24. Questions???
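
A defender-side check for the two backdoor ports named on slides 13 and 15 (1661 for Haxdoor.o, 23 for MindControl), as an added example that is not part of the original presentation. It parses Windows `netstat -ano` output and reports TCP listeners on those ports; the sample output, the function name and the watchlist structure are constructed for illustration.

```python
import re

# Ports the slides associate with backdoors. Port 23 is also the standard
# Telnet port, so a hit is a lead to verify, not proof of infection.
WATCHED_PORTS = {1661: "Haxdoor.o (slide 13)", 23: "MindControl (slide 15)"}

# Constructed sample of `netstat -ano` output; not captured from a real host.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:1661           0.0.0.0:0              LISTENING       3340
  TCP    192.168.1.20:23        0.0.0.0:0              LISTENING       2104
  TCP    192.168.1.20:49712     203.0.113.7:23         ESTABLISHED     1500
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:1661           *:*                                    3340
"""

# proto, local address, local port, foreign address, optional state, PID
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s+(?:(\S+)\s+)?(\d+)\s*$")


def find_watched_listeners(netstat_text, watched=WATCHED_PORTS):
    """Return sorted (port, local_address, pid, note) for TCP listeners on watched ports."""
    hits = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # banner, column header or blank line
        proto, addr, port, _foreign, state, pid = m.groups()
        port = int(port)
        # Only a LISTENING TCP socket accepts inbound connections. An
        # ESTABLISHED row whose *remote* port is 23 is an outbound client
        # session, and UDP rows carry no state, so neither is reported.
        if proto == "TCP" and state == "LISTENING" and port in watched:
            hits.append((port, addr, int(pid), watched[port]))
    return sorted(hits)


if __name__ == "__main__":
    for port, addr, pid, note in find_watched_listeners(SAMPLE_NETSTAT):
        print(f"TCP {addr}:{port} LISTENING, PID {pid}: matches {note}; "
              "identify the owning process")
```

The PID column is what ties a suspicious listener back to a process for the "find and remove the program" step on slide 19.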
