Download Malicious code, Mobile Code and Denial of Service attacks

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts
no text concepts found
Transcript 
Luke Shiffner
COSC 316
Chapter 3: Malicious code, Mobile Code and Denial of Service attacks
This chapter will discuss malicious and mobile code along with the DoS attacks (Denial
of Service). Malicious code is code designed specifically to harm the infected system. Mobile
code is software obtained from remote systems, transferred across networks, and infecting the
local machines without being asked for user input. And, finally, Denial of service attacks are
attacks that exploit sending ping requests to a server and loop that action. That will flood the
servers with traffic and use up network resources, sometimes deeming the website unusable for
some period of time.
First to be discussed is Malicious code. More commonly referred to as malware, this code
can take on a variety of forms. The basic idea of malware is software that is designed with the
purpose to cause harm and damages to the target system, this all happening without the owner’s
consent. Malware started appearing back in the early days of the internet. “Many early infectious
programs, including the first Internet Worm and a number of MS-DOS viruses, were written as
experiments or pranks generally intended to be harmless or merely annoying rather than to cause
serious damage to computers. Young programmers learning about viruses and the techniques
used to write them wrote them only to prove that they could or to see how far it could spread. As
late as 1999, widespread viruses such as the Melissa virus appear to have been written chiefly as
pranks.”
The next topic is Mobile code. This software is obtained thorough remote systems. It is
then transferred across a network and then downloaded on to a user machine. This download and
installation will usually happen without the user providing any input. Some examples of mobile
code include javascript codes that are implemented in websites. Also there can be mobile code
found in java applets, ActiveX controls and even Shock movies. Mobile code can also be
executed in user machines through email. Such emails could contain Microsoft Office documents
that have extensions of Macros or Javascript. These scripts or macros will run similar to the
ILOVEYOU virus. In all these situations, the user is almost never aware of the infection, and is
why they become a major problem.
The last topic to be discussed in this chapter is DoS attacks. DoS attacks or Denial of
Service attacks are dedicated attacks that aim to take down a resource that has constant users.
These resources can range from websites to dedicated servers. The idea behind these attacks is to
loop an attack that will ultimately use up so much of the network resources, and will cause the
server to eventually crash. While there are many derivatives of this type of attack there is one
that is a major threat. It is called DDoS or Distributed Denial of Service attack. These attacks
take advantage of strength in numbers. They use multiple infected machines to send requests to
servers simultaneously. This increases the speed and strength of these attacks a lot.
Related documents
No Slide Title
No Slide Title
dos_nanog
dos_nanog
Honeynet Project
Honeynet Project
Systems Security
Systems Security
Research Areas - The George Washington University
Research Areas - The George Washington University
Lecture 1 - WordPress.com
Lecture 1 - WordPress.com
CHAPTER 3 Classes of Attack
CHAPTER 3 Classes of Attack
(DOS) Attack
(DOS) Attack
Intrusion Detection Systems
Intrusion Detection Systems
Document
Document
Document
Document
Introduction - Computer Science
Introduction - Computer Science
IIDPS: An Internal Intrusion Detection and
IIDPS: An Internal Intrusion Detection and
Security
Security
Computer Security Incident Handling Guide (Chapters 4, 5, 6 and 8
Computer Security Incident Handling Guide (Chapters 4, 5, 6 and 8
William Stallings, Cryptography and Network Security 5/e
William Stallings, Cryptography and Network Security 5/e
Introduction to Information Security Chapter N
Introduction to Information Security Chapter N
Chapter 1: Introduction to security
Chapter 1: Introduction to security
Presentation_Sharmistha_Roy
Presentation_Sharmistha_Roy
ch08 - Columbus State University
ch08 - Columbus State University
Introduction to Information Security Chapter N
Introduction to Information Security Chapter N
Web Based Attacks
Web Based Attacks