Malware in Popular Networks
Dmitry O. Gryaznov
The Big Change
Then
► Mostly viruses, few trojans
► Obvious destructive or annoying payload
► Mischief and vandalism
► Nothing gained but “glory”
Now
► Mostly non-replicating malware
► Trying to stay inconspicuous
► Theft and control
► Monetary gains
Malware “Highways”
► Usenet
► Internet Relay Chat (IRC)
► Peer-to-peer (P2P)
► Instant Messaging (IM)
Usenet
► Since early 1980s
► Over 100,000 newsgroups
► Millions of users
► Over 2 Terabytes daily
► Mostly binaries – video, audio, software
Top Ten Malware Detections in Usenet in 2005
BackDoor-AZV 46963
W32/Spybot.worm.gen.b 4876
BackDoor-CQZ 1381
W32/Swen@MM 283
W32/Torvil@MM 192
MultiDropper-DC 183
W32/Kelvir.worm.gen 75
W32/Netsky.p@MM 75
BackDoor-ACH 72
BackDoor-Sub7.svr 44
Internet Relay Chat (IRC)
► Since early 1990s
► Dozens of networks (EFNet, DALnet, Undernet, etc.)
► Millions of users
► Direct file spamming (via DCC Send)
► URL spamming (via text messages)
► Used by numerous malware even when no IRC software was ever installed by the user
Top Ten Malware Detections in IRC in 2005
W32/Drefir.worm 453
IRC/Flood 319
VBS/Redlof@MM 224
IRC-Contact 224
VBS/Gedza 143
Downloader-TS 107
BackDoor-JZ 71
W32/Pate.b 42
W32/Jeefo 40
Nuke-Vai 40
Peer-to-peer networks (P2P)
► File sharing: movies, music, software
► Numerous networks (Kazaa, eDonkey, BitTorrent, Gnutella, etc.)
► Millions of users
► “Bridging” between different networks
Top Ten Malware Detections in Gnutella in 2005
Downloader-TS 7540
W32/Tibick!p2p 1764
W32/Generic.d!p2p 1597
W32/Sndc.worm!p2p 1438
VBS/Gedza 1029
W32/Bagle.aa@MM 784
Exploit-MS04-028 757
W32/Pate.b 649
W32/Sdbot.Worm.gen 566
W32/Bagle.n@MM 535
Questions?