WORMS

MORRIS WORM

Released on November 2, 1988

It is named after its creator, Robert Tappan Morris, a graduate student at Cornell University

It affected UNIX operating systems

3 of 16

Creation and spread

--purpose and release

--vulnerabilities exploited

--self-replication

IMPACT

🡪widespread disruption

🡪financial and operational damage

RESPONSE AND CONSEQUENCES

🡪MITIGATION

🡪LEGAL ACTION

🡪INCREASED AWARENESS

  • WORM ATTACKS

HOW WORM ATTACKS WORK

🡪how worms spread

🡪what they exploit

🡪what they do

IMPACT OF WORM ATTACKS

🡪NETWORK PROBLEMS

🡪DATA AND SYSTEM DAMAGE

🡪FINANCIAL COSTS

NOTABLE WORM ATTACKS

🡪Morris worm (1988)

🡪ILOVEYOU (2000)

🡪WannaCry (2017)

EXPLAIN WORM TECHNOLOGIES

🡪multiplatform

🡪multi-exploit

🡪ultrafast spreading

🡪polymorphic

🡪metamorphic

🡪transport vehicles

EXPLAIN MOBILE PHONE WORMS

1.Propagation methods

🡪Bluetooth

🡪SMS/MMS

🡪mobile apps

2.Exploited vulnerabilities

🡪operating system flaws

🡪app permissions

3.Payloads

🡪Data theft

🡪battery drain and performance issues

🡪further infection

IMPACTS OF MOBILE PHONE WORMS

1.Widespread disruptions

🡪network congestion

🡪service interruptions

2.Financial costs

🡪data charges

🡪fraudulent charges

3.Privacy risks

🡪data leakage

DEFENCE AGAINST MOBILE PHONE WORMS

🡪security software

--antivirus and anti-malware apps

🡪regular updates

--OS and App updates

🡪safe app practices

--download from trusted sources

--review permissions

🡪avoiding suspicious links and messages

--be cautious with SMS/MMS

DESCRIBE HOW A WORM APPROACHES

1.Identification of vulnerable systems

🡪network scanning

🡪target selection

2.Exploitation of vulnerabilities

🡪Software exploits

🡪weak security configurations

3.Self-replication and spread

🡪copying itself

🡪activation

4.Payload execution

🡪malicious activities

🡪continuous scanning

5.Communication and coordination

🡪command and control (C&C)

🡪peer-to-peer (P2P)

METHODS OF PROPAGATION

1.Network-based propagation

🡪direct exploitation

🡪network shares

2.Email-based propagation

🡪email attachments

🡪phishing links

3.Instant messaging and social media

🡪messages with links

🡪file sharing

4.Removable media

🡪USB drives and external hard drives

DESCRIBE WORM COUNTERMEASURES

1.Detecting worm infections

🡪use monitoring tools

🡪always logs

🡪behavioural analysis

2.Responding to worm infections

🡪have a response plan

🡪isolate infected devices

🡪clean and restore

WORM COUNTERMEASURE APPROACHES

1.Signature-based worm scan filtering

🡪how it works (unique identifier)

🡪challenges

2.Filter-based worm containment

🡪how it works

🡪effectiveness

3.Payload-classification-based worm containment

🡪how it works (identify worm-like behavior)

🡪considerations

4.Threshold random walk (TRW) scan detection

🡪how it works (identifying unusual patterns)

🡪limitations

5.Rate limiting

🡪how it works (slowing down the worm's spread)

🡪limitation

6.Rate halting

🡪how it works (blocks all the traffic)

🡪strength