why protection against viruses bots and worms is so hard
play

Why Protection against Viruses, Bots, and Worms is so hard Malware - PowerPoint PPT Presentation

Mar 17, 2023 •162 likes •739 views

Foundations Security in MAS Conclusion Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till Drges td@pre-secure.de PRESECURE Consulting GmbH June 20, 2007 Till Drges Protection Malware seen

  1. Foundations Security in MAS Conclusion Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till Dörges td@pre-secure.de PRESECURE Consulting GmbH June 20, 2007 Till Dörges Protection – Malware seen as Mobile Agents 1/39

  2. Foundations Security in MAS Conclusion Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 2/39

  3. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 3/39

  4. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 4/39

  5. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Agents What is an Agent? Till Dörges Protection – Malware seen as Mobile Agents 5/39

  6. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Agents What is an Agent? • Modeling Paradigm • Software Engineering (unlike e.g. objects, . . . ) • Artificial Intelligence Till Dörges Protection – Malware seen as Mobile Agents 5/39

  7. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Agents What is an Agent? • Modeling Paradigm • Software Engineering (unlike e.g. objects, . . . ) • Artificial Intelligence Important Properties • Encapsulation and Modularization • Reactivity • Proactivity • Autonomy • Mobility (not generally required) Till Dörges Protection – Malware seen as Mobile Agents 5/39

  8. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Agents (cont’d) Definition • Subject to quite a bit of debate • Social Behavior • Ability to Adapt • Goal Orientation • . . . • Key properties are safe to assume Particularly Suited for • Distributed and Concurrent Systems • Systems across Multiple Administrative Domains Till Dörges Protection – Malware seen as Mobile Agents 6/39

  9. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Agents (cont’d) Colloquially Speaking • Program/Code and Data • Travel between Platforms • Run on different Platforms Examples • “Shopping Agent” • “Find (buy) a blue Bicycle for not more than EUR 500.” • Inquires at several platforms • Finds best solution • Possibly purchases a bike on behalf of owner/user Till Dörges Protection – Malware seen as Mobile Agents 7/39

  10. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Distinction from Mobile Code Examples for Mobile Code • JAVA applets • ActiveX controls • . . . Mobile Code lacks • Autonomy • Proactivity • Goal Orientation Till Dörges Protection – Malware seen as Mobile Agents 8/39

  11. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Platforms What is a Platform? • Runtime Environment for Agents • Responsible Protection of Agents • Services for Interaction (communication, directory services, . . . ) • Transportation of Agents between Platforms Colloquially Speaking • Application on a Computer Till Dörges Protection – Malware seen as Mobile Agents 9/39

  12. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Multi Agent Systems – MAS What is a MAS? • Technically • n with n > 0 Platforms • m with m > 0 Agents • Infrastructure/Policies • Service Point of View • Shopping Platform • Database Querying • Research • . . . • Multi Agent Application • . . . Till Dörges Protection – Malware seen as Mobile Agents 10/39

  13. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Multi Agent Application? Agent Orientation as Modeling Paradigm • Comparable to Object Orientation • AO development environments readily available • AO application doesn’t have to show agents on the outside Till Dörges Protection – Malware seen as Mobile Agents 11/39

  14. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 12/39

  15. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Malware Definition (Wikipedia) Malware is software designed to infiltrate or damage a computer system without the owner’s informed consent. . . . [The term designates] a variety of forms of hostile, intrusive, or annoying software or program code. Taxonomy • Species • Virus • Bot • Worm • . . . • Distinction blurry Till Dörges Protection – Malware seen as Mobile Agents 13/39

  16. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Malware (cont’d) Properties • Provision of “Services” • Spying • Attacking • Back Doors • . . . • Reactivity • Proactivity • Autonomy • Mobility • Self Replication • Adaption Till Dörges Protection – Malware seen as Mobile Agents 14/39

  17. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Malware (cont’d) Properties • Provision of “Services” • Spying • Attacking • Back Doors • . . . • Reactivity • Proactivity • Autonomy • Mobility • Self Replication • Adaption Till Dörges Protection – Malware seen as Mobile Agents 14/39

  18. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Comparison Malware? • Comparison Malware ⇔ Agents holds Platforms? • Infected Computers provide for Runtime Environment • Other services implemented by Malware directly • Comparison for Infected Computers ⇔ Platforms holds MAS? • Less interesting (1 malware is enough to control 1 computer) • Holds, too. Till Dörges Protection – Malware seen as Mobile Agents 15/39

  19. Foundations Agents and Multi Agent Systems Security in MAS Agents and Malware Conclusion Comparison Malware? • Comparison Malware ⇔ Agents holds Platforms? • Infected Computers provide for Runtime Environment • Other services implemented by Malware directly • Comparison for Infected Computers ⇔ Platforms holds MAS? • Less interesting (1 malware is enough to control 1 computer) • Holds, too. Till Dörges Protection – Malware seen as Mobile Agents 15/39

  20. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 16/39

  21. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Table of Contents Foundations 1 Agents and Multi Agent Systems Agents and Malware Security in MAS 2 Desirable Properties Protecting the Platform Protecting the Agent Conclusion 3 Till Dörges Protection – Malware seen as Mobile Agents 17/39

  22. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Security Conventional Aspects / Definition • Confidentiality • Integrity • Availability Till Dörges Protection – Malware seen as Mobile Agents 18/39

  23. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Security Conventional Aspects / Definition • Confidentiality • Integrity • Availability Till Dörges Protection – Malware seen as Mobile Agents 18/39

  24. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Security Conventional Aspects / Definition • Confidentiality • Integrity • Availability Shortcomings • Every System is Special • Definition has to be adapted • What about (for example) • Identity • Trust • . . . Till Dörges Protection – Malware seen as Mobile Agents 18/39

  25. Foundations Desirable Properties Security in MAS Protecting the Platform Conclusion Protecting the Agent Desirable Security Properties in MAS Security for Agents? • Communication • Integrity • Confidentiality • Availability • Non-Repudiation • . . . • Mobility • Agent Execution Different Points of View • Protection of Platforms • Protection of Agents Till Dörges Protection – Malware seen as Mobile Agents 19/39

Recommend

Malware: Viruses, Worms, Rootkits, Botnets Spring 2015

Malware: Viruses, Worms, Rootkits, Botnets Spring 2015

CSE 484 / CSE M 584: Computer Security and Privacy Malware: Viruses, Worms, Rootkits, Botnets Spring 2015 Franziska (Franzi) Roesner

403 views • 37 slides
Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 5 Viruses & Worms, Botnets, Todays Threats Viruses & Worms Viruses Program

693 views • 31 slides
Viruses & Worms Thanks to Prof. Vern Paxson for these slides Malware That Propagates

Viruses & Worms Thanks to Prof. Vern Paxson for these slides Malware That Propagates

Viruses & Worms Thanks to Prof. Vern Paxson for these slides Malware That Propagates Virus = code that propagates (replicates) across systems by arranging to have itself eventually executed Generally infects by altering stored code

800 views • 67 slides
Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ April 19, 2011 Announcements Matthias out for at least this coming week :-(

864 views • 31 slides
Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin

Viruses & Worms CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed & Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ April 19, 2011 Announcements Matthias out for at least this coming week :-(

468 views • 46 slides
Today Memory layout Buffer overflow, worms, and viruses

Today Memory layout Buffer overflow, worms, and viruses

University of Washington Today Memory layout Buffer overflow, worms, and viruses 1 University of Washington not drawn to scale IA32 Linux Memory

446 views • 22 slides
Malicious Logic Trojan Horses Viruses Worms Fall 2010 CS 334: Computer Security Slide #1

Malicious Logic Trojan Horses Viruses Worms Fall 2010 CS 334: Computer Security Slide #1

Malicious Logic Trojan Horses Viruses Worms Fall 2010 CS 334: Computer Security Slide #1 Introduction Malicious Logic: a set of instructions that cause violation of security policy Idea taken from Troy: to breach an impenetrable

1.3k views • 109 slides
Security Overview Different aspects of security User authentication Protection mechanisms

Security Overview Different aspects of security User authentication Protection mechanisms

CS399 New Beginnings Jonathan Walpole Security Overview Different aspects of security User authentication Protection mechanisms Attacks: - trojan horses, spoofing, logic bombs, trap doors, buffer overflow attacks, viruses, worms, mobile

825 views • 59 slides
Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses, diseases Online viruses, worms Fashion Adoption of technologies Behavior Ideas Example: Ebola virus First emerged in Zaire

621 views • 29 slides
Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses,

Epidemics in Social Networks Epidemic Processes Epidemics, Influence, Propagation Viruses, diseases Online viruses, worms Fashion Adoption of technologies Behavior Ideas Example: Ebola virus First emerged in

519 views • 26 slides
AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses

AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses

VIRUSES, WORMS, AND MALWARE Ben Livshits, Microsoft Research Overview of Todays Lecture 2 Viruses Intrusion detection Behavioral detection Firewalls Virus/antivirus Application firewalls coevolution paper discussed

915 views • 56 slides
Malware: Botnets, Viruses, and Worms Damon McCoy Slide Credit: Vitaly Shmatikov slide 1

Malware: Botnets, Viruses, and Worms Damon McCoy Slide Credit: Vitaly Shmatikov slide 1

Malware: Botnets, Viruses, and Worms Damon McCoy Slide Credit: Vitaly Shmatikov slide 1 Malware Malicious code often masquerades as good software or attaches itself to good software Some malicious programs need host programs

1.29k views • 86 slides
Discord Bot CHRIS L Discord What is it? Why does it need bots? Existing bots Why

Discord Bot CHRIS L Discord What is it? Why does it need bots? Existing bots Why

Discord Bot CHRIS L Discord What is it? Why does it need bots? Existing bots Why does it need more bots? Wanted Features Convenience Information Grabbing Administration Technologies used Node.js Discord JS

338 views • 12 slides
Swine H1NI Influenza A: Transmission of Viruses in Indoor Air: HVAC System Protection Options

Swine H1NI Influenza A: Transmission of Viruses in Indoor Air: HVAC System Protection Options

Swine H1NI Influenza A: Transmission of Viruses in Indoor Air: HVAC System Protection Options Federal Interagency Committee for Indoor Air Quality Environmental Protection Agency June 3, 2009 Steven Welty CAFS, CIE, LEED AP Green Clean Air

694 views • 52 slides
FILARIAL WORMS Found mainly in tropical regions in Asia Threadlike worms live in the

FILARIAL WORMS Found mainly in tropical regions in Asia Threadlike worms live in the

FILARIAL WORMS Found mainly in tropical regions in Asia Threadlike worms live in the blood and lymph vessels of birds and mammals. They are transmitted by mosquitoes. Cause severe infections Worms block passage of lymph

390 views • 8 slides
famil y Pathogenic bacteria, toxins, parasites and viruses Commensal bacteria (inc. B.

famil y Pathogenic bacteria, toxins, parasites and viruses Commensal bacteria (inc. B.

famil y Pathogenic bacteria, toxins, parasites and viruses Commensal bacteria (inc. B. fragilis) Bacterial autoimmune triggers Dysbiotic bacteria Phyla microbiota ratios Opportunistic parasites Worms Yeast, fungi and

114 views • 10 slides
Early DoS and Worms Examples of recent worms and DoS attacks Slammer Worm Shaft DoS attack

Early DoS and Worms Examples of recent worms and DoS attacks Slammer Worm Shaft DoS attack

Outline Introduction to worms Potential damage that *could* be caused (theoretical) Early DoS and Worms Examples of recent worms and DoS attacks Slammer Worm Shaft DoS attack Ben Wilde Mstream DoS attack 7 February, 2005

718 views • 14 slides
How the body How the body responds to responds to infection infection Primary lymphoid organs

How the body How the body responds to responds to infection infection Primary lymphoid organs

How the body How the body responds to responds to infection infection Primary lymphoid organs Infectious agents Infectious agents Viruses Viruses Bacteria Bacteria Fungi Fungi Protozoa Protozoa Worms Worms Neutrophils

438 views • 22 slides
Outline Malicious Code Introduction CS 239 Viruses Trojan horses Security for

Outline Malicious Code Introduction CS 239 Viruses Trojan horses Security for

Outline Malicious Code Introduction CS 239 Viruses Trojan horses Security for Networks and Trap doors System Software Logic bombs May 12, 2002 Worms Examples Lecture 11 Lecture 11 Page 1 Page 2 CS 239,

234 views • 12 slides
Perspectives on CSCW 2017 Courtney Williams Opening Keynote Conversational Intelligence: Bots

Perspectives on CSCW 2017 Courtney Williams Opening Keynote Conversational Intelligence: Bots

Perspectives on CSCW 2017 Courtney Williams Opening Keynote Conversational Intelligence: Bots and Lessons Learned Lili Cheng (Microsoft Research) Xiaoice (China), Tay (US) Advanced conversational bots Bots for work, bots for

569 views • 11 slides
Outline Introduction Malicious Code Viruses CS 236 Trojan horses Computer

Outline Introduction Malicious Code Viruses CS 236 Trojan horses Computer

Outline Introduction Malicious Code Viruses CS 236 Trojan horses Computer Security Trap doors March 14, 2007 Logic bombs Worms Examples Lecture 15 Lecture 15 Page 1 Page 2 CS 236, Winter 2007 CS 236,

341 views • 12 slides
Outline Introduction Malicious Code Viruses CS 239 Trojan horses Computer

Outline Introduction Malicious Code Viruses CS 239 Trojan horses Computer

Outline Introduction Malicious Code Viruses CS 239 Trojan horses Computer Security Trap doors March 15, 2004 Logic bombs Worms Examples Lecture 16 Lecture 16 Page 1 Page 2 CS 239, Winter 2004 CS 239,

408 views • 12 slides
A Lo calization T echnique bots F r o M ulti-Agent Prateek Humane and Neelay Trivedi R

A Lo calization T echnique bots F r o M ulti-Agent Prateek Humane and Neelay Trivedi R

A Lo calization T echnique bots F r o M ulti-Agent Prateek Humane and Neelay Trivedi R obot F ormations What Di Did We Do Do? Indoor Localization System Arduino-Based Sensor Module Polygonal Formation Algorithm HARD RDWARE RE

863 views • 50 slides
The Power of Bots: Understanding Bots in OSS Projects Mairieli Wessel Bruno Mendes Igor

The Power of Bots: Understanding Bots in OSS Projects Mairieli Wessel Bruno Mendes Igor

The Power of Bots: Understanding Bots in OSS Projects Mairieli Wessel Bruno Mendes Igor Steinmacher Igor Wiese Ivanilton Polato Ana Paula Chaves Marco Aurlio Gerosa Research funded by CNPq, FAPESP and NAU Open Source Software (OSS)

511 views • 22 slides

More recommend