Lecture 25 Outline

Reading: §23*
Assignments: Homework 5, due Dec. 2

  1. Computer virus
    1. Boot sector infector
    2. Executable infector
    3. Multipartite
    4. TSR (terminate and stay resident)
    5. Stealth
    6. Encrypted
    7. Polymorphic
    8. Metamorphic
    9. Macro
  2. Computer worm
  3. Bots, botnets
  4. Bacterium, rabbit
  5. Logic bomb
  6. Adware, spyware
  7. Ransomware
  8. Phishing
  9. Ideal: program to detect malicious logic
    1. Can be shown: not possible to be precise in most general case
    2. Can constrain case enough to locate specific malicious logic
  10. Defenses
    1. Scanning defenses
    2. Data and instructions
    3. Information flow metrics
    4. Reducing rights
    5. Specifications as restrictions
    6. Limiting sharing
    7. Statistical analysis
You can also obtain a PDF version of this. Version of November 21, 2016 at 7:34AM