For Lecture 15, we began with Mike's presentation on Blue Pill malicious software. A Blue Pill attack is essentially malicious software code that runs in a virtualized environment, making it dangerous and difficult to detect. As virtualization becomes more popular, it is expected that such attacks will become much more common. The systems most vulnerable to this type of attack include the modern line of processors with built-in virtualization support. The defense against Blue Pill is called Red Pill, but it is not yet very reliable. This presentation was very interesting and contained a lot of great info.
After Mike’s presentation, Professor Gunes continued with lecture 15 on Malicious Codes. He began by discussing different kinds of malicious code, including virus, worm, rabbit/bacteria, logic/time bomb, Trojan horse, backdoor, and dropper. He noted that it is sometimes difficult to distinguish between different types of malicious code. The lecture outlined why Trojans are hard to detect and showed that they are also the most popular type of malicious code. We were reminded that even if you create a legitimate trapdoor for yourself, someone else can find it. We were introduced to the “4 Virus Lifecycles,” which are the dormant phase, the propagation phase, the triggering phase, and the execution phase.
The lecture also included methods for preventing malicious code attacks. We learned how viruses can be detected according to certain patterns, characteristics, and other signature traits of virus code. The easiest way to prevent a malicious code attack is to be sure that you trust the source of the files that you download.