presenter: le quoc thanh spyware analysis and detection
TRANSCRIPT
![Page 1: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/1.jpg)
Presenter: Le Quoc Thanh
SPYWARE
ANALYSIS AND DETECTION
![Page 2: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/2.jpg)
OBJECTIVES
What is spyware
Who creates spyware
How spyware operates
Common spyware forms
Impact of spyware
Recommendations
2
![Page 3: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/3.jpg)
WHAT IS SPYWARE
Spyware is one type of malicious software (malware) that collects information from a computing system of a person or organization without their knowledge and then send such information to the creator of the spyware.
Spyware can capture keystrokes , screenshots , visited sites, internet usage habits and other personal information.
3
![Page 4: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/4.jpg)
WHO CREATES SPYWARE
Online attackers
Marketing organizations
4
![Page 5: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/5.jpg)
5
HOW SPYWARE OPERATES Basic forms of spyware can be picked up simply by
visiting a Web page, through email, or downloading software especially “freeware” and “shareware”.
Many software downloads are “free”, but within the End User License Agreement (EULA) are provisions to use information from your computer or your email and other contact information. You have to agree to the EULA to download or install, so you essentially agree to allowing someone else to use information about your computer.
More spyware will reset your browser's home page, change the service your browser uses for Web searches, or add new sites to your favorites list.
![Page 6: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/6.jpg)
6
END USER LICENSE AGREEMENT
![Page 7: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/7.jpg)
7
POP-UP
![Page 8: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/8.jpg)
8
COMMON SPYWARE FORMS
Browser hijacking Tracking cookies False antispyware tools Autonomous spyware Keylogger
![Page 9: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/9.jpg)
9
BROWSER HIJACKING
This class of spyware attempts to modify the users browsers setting.
Hijacking spyware can be installed in various ways.
These redirects lead users to advertisements that earn the hijacking commissions when they are visited.
![Page 10: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/10.jpg)
10
COOKIES AND WEB BUGS
- Cookies are small pieces of information stored on a user’s system by a web server. During subsequent visits often , cookies are used for storing user authentication , preferences , and other type of user information.
- They can be used to track a user across multiple websites.
![Page 11: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/11.jpg)
11
FALSE ANTISPYWARE TOOLS
Applications available on some internet sites advertise themselves.
As spyware detection or removable tools. In fact they themselves are spyware.
![Page 12: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/12.jpg)
12
AUTONOMOUS SPYWARE
Autonomous spyware is malicious application , it can be designed to perform any type of spying functions.
Autonomous spyware operates as a separate process or injects itself into other processes running on your system.
This type of spyware often starts up when you log onto your computer and can frequently access anything on your system.
![Page 13: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/13.jpg)
13
KEYLOGGER
Designed to record all keystrokes of users in order to find passwords, credit card numbers, and other sensitive information.
Thus, passwords, credit card numbers, and other personally identifiable information may be captured and relayed to unauthorized reception.
![Page 14: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/14.jpg)
14
Aside of ethics and privacy, spyware steals computer's memory resources and also uses bandwidth as it sends information back to the spyware's home via the user's Internet connection.
Because spyware is using memory and system resources, the applications running in the background can lead to system crashes or general system instability.
Spyware is known to change computer settings, resulting in slow connection speeds, loss of Internet or functionality of other programs.
Increase in system crashes.
IMPACT OF SPYWARE
![Page 15: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/15.jpg)
15
Spyware have the ability to monitor keystrokes, scan files on the hard drive,
Or install other spyware programs, read cookies, change the default home page on the Web browser, consistently relaying such information back to the spyware author who will either use it for advertising/marketing purposes or sell the information to another party.
IMPACT OF SPYWARE
![Page 16: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/16.jpg)
16
RECOMMENDATIONS Don't install any application unless you are certain of what it does or where it
came from.
Avoid clicking advertised popups especially ones that mention “free” stuff if possible.
Use trusted softwares.
Always read the license agreement
Software and OS upgrades
Utilize browser’s security settings
Pop-up Blockers
Open Firewall
E-Mail Filters
Use Anti-Spyware Spy Sweeper Microsoft Windows Anti-Spyware Spyware Doctor
![Page 17: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/17.jpg)
SUMMARY
17
![Page 18: Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION](https://reader035.vdocuments.us/reader035/viewer/2022062309/5697bfd91a28abf838caf957/html5/thumbnails/18.jpg)
18
THANKS FOR LISTENING