Upload File

a taxonomy of computer worms ashish gupta network security april 2004

  • Home
  • Documents
  • A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004
24
A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Post on 21-Dec-2015

218 views

Category:

Documents


1 download

Report

Tags:

TRANSCRIPT

Page 1: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

A Taxonomy of Computer Worms

Ashish Gupta

Network Security

April 2004

Page 2: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Worm vs a virus

1. Self propagates across the network

2. Exploits security or policy flaws in widely used services

3. Less mature defense today

Page 3: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004
Page 4: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

+

AttackerTarget Discovery

Carrier

Activation

Payload

OVERVIEW

Page 5: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Target Discovery

Page 6: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Target Discovery

• Scanningsequential, random

•Target Listspre-generated, external (game servers), internal

•Passive

Page 7: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Target Discovery

• Internal Target Lists– Discover the local communication topology– Similar to DV algorithm– Very fast ??

• Function of shortest paths

– Any example ?– Difficult to detect

• Suggests highly distributed sensors

Page 8: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Toolkit potential

• http://smf.chat.ru/e_dvl_news.htm

• http://viruszone.by.ru/create.html

• http://lcamtuf.coredump.cx/worm.txt Worm tutorial

Page 9: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Carrier

Page 10: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Carrier• Self-Carriedactive transmission

• Second Channele.g. RPC, TFTP ( blaster worm )

• Embeddede.g. web requests

Page 11: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Activation

Page 12: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Activation

•Human ActivationSocial Enginnering e.g. MyDoom SCO Killer !

•Human activity-based activatione.g. logging in, rebooting

•Scheduled process activatione.g. updates, backup etc.

•Self Activation e.g. Code Red

Page 13: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004
Page 14: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

                                                   

Page 15: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004
Page 16: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004
Page 17: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

MyDoom : Fastest Ever

http://www.cnn.com/2004/TECH/internet/01/28/mydoom.spreadwed/

Page 18: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Payload

Page 19: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Payload

• Internet Remote Control

• Internet DOS : paper’s dream realized

• Data Damage: Chernobyl , Klez

• Physical World Damage

• Human control Blackmail !

Page 20: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Attacker

Page 21: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Attacker

• Curiosity

• Pride and Power

• Commercial Advantage

• Extortion and criminal gain

• Terrorism Example

• Cyber Warfare

Page 22: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

Theodore Kaczynski

• Born in Chicago• extremely gifted as a child• American terrorist who attempted to fight against what he

perceived as the evils of technological progress• eighteen-year-long campaign of sending mail bombs to

various people, killing three and wounding 29. • The first mail bomb was sent in late 1978 to Prof. Buckley

Crist at Northwestern University

http://en.wikipedia.org/wiki/Chicago
http://en.wikipedia.org/wiki/United_States
http://en.wikipedia.org/wiki/Terrorist
Page 23: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

+

AttackerTarget Discovery

Carrier

Activation

Payload

CONCLUSION

Page 24: A Taxonomy of Computer Worms Ashish Gupta Network Security April 2004

???

• given the target discovery/propagation methods of worms, – how to detect it? – with only network traffic header data?  – at ISP?  at edge routers? at end hosts?


Filariasis Nematoda Systemic round worms - Bangabasi …bangabasi.org/pdf/repositories/Filaria.pdf · trematodes (flukes) Taxonomy. Trematodes ... portal hypertension with splenomegaly

Bristle Worms Polychaete By: Jayme De La Vega. Taxonomy Kingdom- Animalia Phylum- Annelida Class- Polychaeta

Worms for Composting, Worms for Bait and Worms for Waste Processing

Annelida: polychaetes, bristle worms, featherduster worms ... · PDF fileAnnelida: polychaetes, bristle worms, featherduster worms, leeches UNDERWATER FIELD GUI DE TO ROSS ISLAND &

Glow-Worms, Railroad-Worms (Insecta: Coleoptera ...edis.ifas.ufl.edu/pdffiles/IN/IN60900.pdfGlow-Worms, Railroad-Worms (Insecta: Coleoptera: Phengodidae) 2 Larvae The last larval instar

supdt order - GST Delhi Zonegstdelhizone.gov.in/files/transfers/7.pdf · ashish ashish kumar ashish kumar kandhwey ashish mittal ashish sanga ashish singhal asi-iish tiwari ashok

Ashish Rice

Phylums of Worms and Phylum Mollusca. WORM PHLYA Worms are general grouping Worms have bilateral symmetry –Allows for more sophisticated behaviour Worms

donidcr.gov.np...ASHISH KUMAR SAH ASHISH BABU KUMAI ASHISH CHAUDHARY ASHISH KOIRALA ASHISH SHARMA ASHMITA TAMANG ASHUTOSH NEUPANE ATIT Name in Ne ali Email . Roll No, 69960 80986 74414

Worms & Worm Gears · Worms & Worm Gears 48 Diametral Pitch (Bronze Worm Gears, Steel Worms – Unhardened & Hardened, Acetal Worm Gears & Worms) Pressure Angle – Single thread

1 Ch 13 Phylum Annelida. 2 Phylum Annelida “little ring” Segmented worms 15,000 species –Marine worms –freshwater worms –terrestrial worms –Leeches worldwide

Ashish imports

Ashish Ppt

HELMINTHES Flat worms and Round worms. HELMINTHOLOGY Phylum Platyhelminthes = Flat worms Class Trematoda = Flukes Class Cestoda = Tape worms Phylum

Worms What do we know about worms? What do we want to find out about worms?

62 Mitre Worms and More Worms - cme.smhs.gwu.edu

ASHISH

186 ashish

Parasitology. Helminthology Platyhelminthes (Flat worms) Nematohelminthes (Round worms) Trematoda (Flukes) Ceastoda (Tape worms) Nematoda

Exam 1 set 3 Taxonomy and Primates - Washington State …anthro.vancouver.wsu.edu/media/Course_files/anth-101... ·  · 2014-09-26Echiura Spine tail Platyhelminthes Spoon worms

Ashish project

Ashish amritsar

Metazoans and Exoparasites Part II. Three Classes Trematodes (flukes-flat worms) Cestodes (tape worms) Nematodes (round worms)

jetairwasy ashish

9 Major Animal Phyla - Weebly · Brachiopoda * Mollusca (bivalves, squid) Priapulida (marine worms) Sipuncula (peanut worms) Echiura (spoon worms) * Annelida (segmented worms) Tardigrada

Worms & Worm Gears - Amazon Web Services · Worms & Worm Gears All worms have .0938 drilled hole in hub. Hxxx worms have polished threads. Gxxx worms have ground and polished threads

Ashish Report

A Taxonomy of Computer Worms

Frontiers in Zoology BioMed Central...Integrated taxonomy: traditional approach and DNA barcoding for the identification of filarioid worms and related parasites (Nematoda) Emanuele

Slow Worms. Slow worms are legless lizards, not snakes

Worms Notes 3 Major Phylum of Worms Platyhelminthes (Flatworms) Nematodes (Round Worms) Annelida (Segmented Worms)

Lecture #11 Worms, Worms & Worms Phylum Platyhelminthes Phylum Nematoda Phylum Annelida

Worms Chapter 1 Section 4. What Worms have in Common What are the 3 major phyla of worms we are discussing? –Flatworms –Roundworms –Segmented worms

PHYLUM ANNELIDA SEGMENTED WORMS · • segmented body • many well ... worms . feather duster worms . christmas tree worms . worm tubes of calcium . deposit feeders

Chap01 Ashish