Detection of Running Backdoors, by Mridul Ahuja (9911103486), JIIT – 128

Upload: mridulahuja

Post on 21-Aug-2015


Page 1: Detection of running backdoors

Detection of Running Backdoors

By Mridul Ahuja, 9911103486, JIIT – 128

Page 2: Detection of running backdoors

What is a Backdoor?

A backdoor in a computer system is a method of bypassing normal authentication, securing unauthorized remote access to a computer, while attempting to remain undetected.

Page 3: Detection of running backdoors

What is a Backdoor?

A backdoor Trojan can be extremely harmful if not dealt with appropriately. The main function of this type of virus is to create a backdoor in order to access a specific system.

Page 4: Detection of running backdoors

What is a Backdoor?

These backdoors are classified as Trojans if they do not attempt to inject themselves into other files. The backdoor may take the form of an installed program (e.g. Back Orifice) or may subvert the system through a rootkit.

Page 5: Detection of running backdoors

Purpose of Backdoors

- Crashing the computer, e.g. with a "blue screen of death" (BSOD)
- Data corruption
- Electronic money theft
- Data theft, including confidential files, sometimes for industrial espionage
- Downloading or uploading of files for various purposes

Page 6: Detection of running backdoors

Purpose of Backdoors (continued)

- Keystroke logging
- Downloading and installing software, including third-party malware and ransomware
- Watching the user's screen
- Viewing the user's webcam
- Modifications of the registry
- Linking the computer to a botnet

Page 7: Detection of running backdoors

Some notable backdoors

- Netbus
- Advance System Care
- Subseven or Sub7
- Back Orifice (Sir Dystic)
- Beast
- Zeus
- Flashback Trojan (Trojan BackDoor.Flashback)
- ZeroAccess
- Koobface
- Vundo

Page 8: Detection of running backdoors

Zeus Trojan

Page 9: Detection of running backdoors

Current problem

The threat of backdoors surfaced when multiuser and networked operating systems became widely adopted.

Harder-to-detect backdoors involve modifying object code rather than source code.

Page 10: Detection of running backdoors

Method used to detect

Running processes are dissected, and the modules loaded by each one are extracted.

If any module matches a known virus module, the program checks whether that process has any port in use.

If a port is found, the process may be a virus.
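The two-stage check described on this slide, as an added example that is not part of the presentation or its tool: the module match and the port check run over a constructed process snapshot (PIDs, module names and the port are placeholders), and snapshot_live() assumes psutil is installed to collect the same records from a real host.

```python
import os
from dataclasses import dataclass, field

@dataclass
class Proc:
    pid: int
    name: str
    modules: list                              # basenames of loaded DLLs / shared objects
    ports: list = field(default_factory=list)  # (proto, local_port, state) per socket

# Constructed signature set (placeholders, not real indicators) standing in for a virus-module database.
BAD_MODULES = {"backdoor_example.dll", "rat_hook_example.dll"}

def match_modules(proc, bad_modules=BAD_MODULES):
    """Stage 1: modules of this process that hit the signature list (case-insensitive)."""
    return {m for m in proc.modules if m.lower() in bad_modules}

def classify(proc, bad_modules=BAD_MODULES):
    """Both stages: 'likely_backdoor', 'suspicious' or 'clean'."""
    if not match_modules(proc, bad_modules):
        return "clean"
    # Stage 2: a signature hit that also holds a network port is what the
    # slides call "may be a virus"; a hit with no port is weaker evidence.
    return "likely_backdoor" if proc.ports else "suspicious"

def scan(procs, bad_modules=BAD_MODULES):
    """Return {pid: verdict} for every process that is not clean."""
    verdicts = {p.pid: classify(p, bad_modules) for p in procs}
    return {pid: v for pid, v in verdicts.items() if v != "clean"}

def snapshot_live():
    """Collect Proc records from the running host with psutil (assumed installed)."""
    import psutil
    procs = []
    for p in psutil.process_iter(["pid", "name"]):
        try:
            mods = [os.path.basename(m.path) for m in p.memory_maps()]
            ports = [(c.type.name, c.laddr.port, c.status)
                     for c in p.connections(kind="inet") if c.laddr]
        except (psutil.AccessDenied, psutil.NoSuchProcess, psutil.ZombieProcess):
            continue  # uninspectable; a rootkit-hidden process would also be missed
        procs.append(Proc(p.info["pid"], p.info["name"], mods, ports))
    return procs

SAMPLE = [  # constructed snapshot standing in for snapshot_live() output
    Proc(412, "explorer.exe", ["kernel32.dll", "user32.dll"]),
    Proc(1337, "svchost.exe", ["kernel32.dll", "BACKDOOR_EXAMPLE.DLL"],
         [("SOCK_STREAM", 47000, "LISTEN")]),
    Proc(2001, "notepad.exe", ["kernel32.dll", "rat_hook_example.dll"]),
]
```

Run scan(snapshot_live()) on a host to apply the same verdicts to live processes; a process that cannot be inspected is skipped, which is exactly where a rootkit-backed backdoor from slide 4 would hide, so an empty result is not proof of a clean system.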

Page 11: Detection of running backdoors

Screenshots

Page 12: Detection of running backdoors

Screenshots

Page 13: Detection of running backdoors

References

- Hunting for Metamorphic Engines, by Wing Wong and Mark Stamp
- Hunting for Undetectable Metamorphic Virus, by Da Lin
- Detecting RATs through dynamic analysis using Finite-State Machines, by Kjetil Tangen Gardåsen
- Remote Administrative Tools: A Comparative Study, by Anis Ismail, Mohammad Hajjar and Haissam Hajjar
- Remote Administrative Trojan/Tool (RAT), by Manjeri N. Kondalwar and Prof. C.J. Shelke
