Slide 1Malicious CodeSlide 3Slide 4Slide 5Protecting Against Malicious CodeSlide 7Slide 8Slide 9Telecommunications Networking IILecture 41cMalicious CodeMalicious CodeMalicious Code•What’s the problem we are trying to address?How do we keep people from inserting harmful computer code into our computers?Malicious Code•Categories of malicious code:Nuisance code (e.g., unwanted messages)Harmful code (erases files, clogs up systems, changes system configuration)Latent harmful code (time bombs)Trojan Horses (e.g., back doors that provide unauthorized access)Spying applications (e.g., keystroke monitors)Malicious Code•How can malicious code enter a system-Comes on a trusted disc with an application; downloaded or otherwise received from a trusted source-Comes from an an untrusted source Applications downloaded from servers Applications attached to E-mail Exploitation of network-based applications -Inserted by someone with access to the systemProtecting Against Malicious Code•Applications from Trusted Sources-Trusted sources can use digital signatures or other means to protect against unauthorized changes to their softwareBut… how does the trusted source ensure that its own, authorized employees and contractors have not inserted malicious code into its products?Protecting Against Malicious Code•Possible alternatives for dealing with applications from untrusted sources-Don’t accept applications from untrusted sources-Check the application for malicious code-Run the application in a “sandbox” (e.g., one of the underlying concepts of Java)Protecting Against Malicious Code•Finding non-specific malicious code within an application-A very difficult, unsolved problem...e.g., malicious code could be activated by its combination with specific data that is entered at a future dateProtecting Against Malicious Code•The concept of a “sandbox”Create a virtual machine on which the code executes (runs). Ensure that the code can only have access to tightly controlled and monitored (e.g., level of usage) resources. Securely save the machine’s configuration information. Don’t allow the code to leave behind any remnants, other than data stored in carefully controlled memory locations. Restore the rest of the machine/system to its original
View Full Document
Unlocking...