- Malware can be classified into several categories, depending on propagation and concealment
- Propagation
  - Virus: human-assisted propagation (e.g., open email attachment)
  - Worm: automatic propagation without human assistance
- Concealment
  - Rootkit: modifies operating system to hide its existence
  - Trojan: provides desirable functionality but hides malicious operation
- Various types of payloads, ranging from annoyance to crime
Insider Attacks
- An insider attack is a security breach that is caused or facilitated by someone who is a part of the very organization that controls or builds the asset that should be protected.
- In the case of malware, an insider attack refers to a security hole that is created in a software system by one of its programmers.
Backdoors
- A backdoor, which is also sometimes called a trapdoor, is a hidden feature or command in a program that allows a user to perform actions he or she would not normally be allowed to do.
- When used in a normal way, this program performs completely as expected and advertised.
- But if the hidden feature is activated, the program does something unexpected, often in violation of security policies, such as performing a privilege escalation.
- Benign example: Easter Eggs in DVDs and software
Logic Bombs
- A logic bomb is a program that performs a malicious action as a result of a certain logic condition.
- The classic example of a logic bomb is a programmer coding up the software for the payroll system who puts in code that makes the program crash should it ever process two consecutive payrolls without paying him.
- Another classic example combines a logic bomb with a backdoor, where a programmer puts in a logic bomb that will crash the program on a certain date.
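
A date-triggered logic bomb of the kind described above leaves a recognizable shape in source code: a branch gated on a hard-coded date. The following is an added example, not part of the original slides: a small code-review aid that parses Python source and reports such branches for manual inspection. The sample routine, its function names and the date are constructed for illustration.

```python
import ast

# Constructed sample under review (not from the original page): a payroll
# routine containing a date-gated branch like the one described above.
SAMPLE = '''
import datetime, sys

def run_payroll(employees):
    if datetime.date.today() >= datetime.date(2030, 1, 1):
        sys.exit(1)
    for e in employees:
        pay(e)

def is_leap(year):
    return year % 4 == 0
'''

DATE_CTORS = {"date", "datetime"}

def _is_literal_date(node):
    """True for calls such as datetime.date(2030, 1, 1) with constant-only args."""
    if not isinstance(node, ast.Call):
        return False
    func = node.func
    name = func.attr if isinstance(func, ast.Attribute) else getattr(func, "id", None)
    return (name in DATE_CTORS and len(node.args) >= 3
            and all(isinstance(a, ast.Constant) for a in node.args))

def find_date_triggers(source):
    """Return (line, enclosing function) for each branch gated on a fixed date."""
    tree = ast.parse(source)
    findings = []
    for func in ast.walk(tree):
        if not isinstance(func, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        for node in ast.walk(func):
            if isinstance(node, (ast.If, ast.While, ast.IfExp)):
                for cmp_node in ast.walk(node.test):
                    if isinstance(cmp_node, ast.Compare) and any(
                        _is_literal_date(side)
                        for side in [cmp_node.left, *cmp_node.comparators]
                    ):
                        findings.append((cmp_node.lineno, func.name))
    return findings

if __name__ == "__main__":
    for line, func in find_date_triggers(SAMPLE):
        print(f"line {line}: fixed-date condition in {func}() - review by hand")
```

A hit is only a prompt for human review: licence-expiry and scheduling code legitimately compares against fixed dates, and a trigger computed at run time will not match this pattern.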
For the complete content, visit the source or download the file "Case study Malware":
http://d2.ae/s/wp-content/uploads/2015/09/Ch04-Malware.pdf