FIT3031 Lecture Notes - Lecture 10: Remote Shell, Boot Sector, Terminate And Stay Resident Program
L10: Malicious Software
●Increase of incidents of malicious use of software
●Strong countermeasures are needed to protect computer systems and information
●Have two categories:
○Host dependent:
■Cannot exist independently
■Exists in an application or system program
○Self contained program
■Exists independently
●Or can be placed in two other categories:
○Replicating program
■When executed it may produce one or more copies of itself to be activated later
○Non-replicating program
■Activated when the host program is invoked to perform a specific function
■Does not make copies of itself
Types of Malicious Software
Trap Door
●Left during software development phase
●Secret entry point into a program
○Undocumented entry points written in code for debugging
●Allow someone to gain access without going through security access procedures
●Security
○Focus on program development
○Software update activities
Logic Bomb
●Malicious code embedded into the program that activates when certain conditions are met
○Dates
○Absence/presence of a file
○Particular user running the application
●Can alter/delete files, halt the machine and cause other damage
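A code-review aid for the three trigger conditions listed above, added here as an example and not part of the lecture material. It flags conditionals in Python source that consult the date, a file's presence or the current user; the TRIGGER_CALLS mapping, the function names and the sample code are assumptions constructed for illustration, and a hit is only a prompt for manual review.

```python
import ast

# Call names that read the three trigger sources (assumed, not exhaustive).
TRIGGER_CALLS = {
    "date": {"today", "now", "time", "localtime"},
    "file": {"exists", "isfile", "is_file"},
    "user": {"getuser", "getlogin", "getuid"},
}

def call_name(node):
    """Return the final attribute or function name of a call, e.g. 'today'."""
    func = node.func
    if isinstance(func, ast.Attribute):
        return func.attr
    if isinstance(func, ast.Name):
        return func.id
    return None

def find_trigger_conditions(source):
    """Return sorted (line, kind) pairs for branch tests that read a trigger source."""
    findings = set()
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, (ast.If, ast.While, ast.IfExp)):
            continue
        for sub in ast.walk(node.test):  # only the condition, not the body
            if isinstance(sub, ast.Call):
                name = call_name(sub)
                for kind, names in TRIGGER_CALLS.items():
                    if name in names:
                        findings.add((node.lineno, kind))
    return sorted(findings)

# Constructed sample under review; path and user name are made up.
SAMPLE = '''\
import datetime, os, getpass

def run_payroll(records):
    if datetime.date.today() > datetime.date(2030, 1, 1):
        records = []
    if not os.path.exists("/etc/payroll/.keepalive"):
        records = []
    if getpass.getuser() == "jsmith":
        records = records[:1]
    return sum(records)
'''

if __name__ == "__main__":
    for line, kind in find_trigger_conditions(SAMPLE):
        print(f"line {line}: condition depends on {kind}")
```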
Trojan Horse
●Contain hidden code
●Does undocumented things which the user won’t approve of
●Acts as delivery vehicle
●Disastrous consequences - sending data or passwords to attackers
●Most antivirus programs can’t detect it
●Security
○Know and trust the source of program before running it