From MCA553 (Principles of Cryptography and Cyber Security).
---
Malware
Malware = Malicious Software
Software designed to damage, steal, spy on, or disrupt computer systems.
Objectives:
Steal information
Destroy data
Spy on users
Gain unauthorized access
---
Types of Malware
1. Virus
A virus attaches itself to a file or program and spreads when that file runs.
Characteristics:
Requires user action
Can corrupt files
Slows system performance
Example: Infected USB drive.
---
2. Worm
A worm spreads automatically through networks.
Characteristics:
No user action required
Self-replicating
Consumes bandwidth
Example: WannaCry Worm.
---
Difference Between Virus and Worm
Virus | Worm
Needs host file | Independent
User action needed | Automatic spread
Slower spread | Faster spread
---
3. Trojan Horse
Malware disguised as legitimate software.
Example: Fake antivirus software.
Characteristics:
Looks genuine
Creates backdoor access
Steals information
---
4. Rootkit
Designed to hide malware activities.
Functions:
Hides files
Hides processes
Hides network connections
Danger: Very difficult to detect.
---
5. Bot (Robot)
An infected computer controlled remotely by attackers.
A collection of bots forms a botnet.
Used for:
Spam attacks
DDoS attacks
Cryptocurrency mining
---
6. Adware
Displays unwanted advertisements.
Effects:
Pop-up ads
Browser redirection
Slow performance
---
7. Spyware
Secretly collects information.
Steals:
Passwords
Banking details
Browsing history
---
8. Ransomware
Encrypts files and demands money.
Process:
Files Locked
↓
Payment Demanded
↓
Decryption Key Promised
Example: WannaCry Ransomware.
---
9. Zombie
A compromised computer controlled remotely.
Used in:
DDoS attacks
Botnets
The user usually does not know their system is infected.
---
Malware Analysis
Process of studying malware.
Purpose:
Understand behavior
Identify threats
Develop defenses
Types:
Static Analysis
Without running malware.
Examines:
Code
Strings
File structure
---
Dynamic Analysis
Running malware in a controlled environment.
Observes:
Network activity
File modifications
Registry changes
---
OS Hardening
OS Hardening means securing an operating system by reducing vulnerabilities.
Purpose:
Increase security
Reduce attack surface
---
Process Management
Monitor running processes.
Actions:
Stop suspicious programs
Limit privileges
---
Memory Management
Protect memory from unauthorized access.
Methods:
Access control
Memory protection
---
Task Management
Control applications and services.
Benefits:
Remove unnecessary programs
Improve security
---
Windows Registry Security
The registry stores system settings.
Hardening Steps:
Restrict access
Backup registry
Remove malicious entries
---
Services Configuration
Disable unnecessary services.
Examples:
Unused FTP services
Unused Remote Access services
Benefits:
Reduced attack surface
---
Antivirus Protection
Antivirus software detects and removes malware.
Functions:
Scan files
Real-time protection
Quarantine threats
Examples:
Microsoft Defender
Quick Heal
Avast
---
Anti-Spyware Tools
Designed specifically to detect spyware.
Functions:
Remove tracking software
Protect privacy
---
System Tuning Tools
Improve performance and security.
Functions:
Remove junk files
Optimize startup
Clean registry
---
Anti-Phishing Tools
Protect users from fake websites and emails.
Features:
URL checking
Email scanning
Browser protection
---
Firewall
A firewall monitors and controls network traffic.
Acts as a security gate between:
Internet
↓
Firewall
↓
Private Network
---
Firewall Design Principles
1. All traffic must pass through the firewall
No direct access.
---
2. Only authorized traffic allowed
Rules determine access.
---
3. Firewall itself must be secure
Cannot be easily attacked.
---
Types of Firewalls
Packet Filtering Firewall
Checks packets individually.
---
Stateful Inspection Firewall
Tracks active connections.
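
The difference between the two firewall types above, as an added example that is not part of the original notes: a packet filter and a simplified stateful inspector judge the same constructed traffic. The `INSIDE` prefix, the port-443 rules and all names are assumptions made for illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport flags")
INSIDE = "10.0.0."  # assumed private network prefix (hypothetical)

def packet_filter(pkt):
    """Packet filtering: each packet is judged alone, by header fields only."""
    outbound = pkt.src.startswith(INSIDE)
    if outbound and pkt.dport == 443:
        return "allow"                      # inside hosts may reach HTTPS
    if not outbound and pkt.sport == 443:
        return "allow"                      # static rule standing in for "replies"
    return "deny"

class StatefulFirewall:
    """Stateful inspection: inbound packets must match a tracked connection."""
    def __init__(self):
        self.connections = set()            # (inside ip, port, outside ip, port)

    def inspect(self, pkt):
        if pkt.src.startswith(INSIDE):
            if pkt.dport != 443:
                return "deny"
            if pkt.flags == "SYN":          # new outbound connection: record it
                self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key not in self.connections:
            return "deny"                   # no inside host opened this flow
        if "RST" in pkt.flags:
            self.connections.discard(key)   # reset closes the flow: forget it
        return "allow"

# Constructed sample traffic (documentation address ranges, not real hosts).
TRAFFIC = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "SYN"),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SYN-ACK"),
    Packet("198.51.100.7", 443, "10.0.0.9", 3389, "ACK"),   # belongs to no connection
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "RST"),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "ACK"),  # arrives after the close
]

def compare(traffic):
    """Return (packet filter verdict, stateful verdict) for each packet."""
    fw = StatefulFirewall()
    return [(packet_filter(p), fw.inspect(p)) for p in traffic]

if __name__ == "__main__":
    for pkt, verdicts in zip(TRAFFIC, compare(TRAFFIC)):
        print(pkt, "filter=%s stateful=%s" % verdicts)
```

The third and fifth packets are where the verdicts differ: the packet filter allows them on header fields alone, while the stateful firewall denies them because no tracked connection matches.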
---
Application Firewall
Protects applications.
Example: Web Application Firewall (WAF)
---
Trusted Systems
Systems designed with built-in security mechanisms.
Features:
Access control
Auditing
Authentication
---
Digital Signature
A digital signature proves:
1. Sender identity
2. Data integrity
3. Non-repudiation
Uses:
Private Key
Public Key
---
Authentication Protocol
Rules used to verify identity.
Examples:
Password Authentication
OTP Authentication
Kerberos
Multi-Factor Authentication (MFA)
---
Digital Signature Standard (DSS)
A standard developed by the U.S. government for digital signatures.
Purpose:
Secure electronic communication
Verify authenticity
Benefits:
Authentication
Integrity
Non-repudiation
---
Important Exam Questions
Short Questions
1. What is Malware?
2. Define Virus.
3. Define Worm.
4. What is Trojan Horse?
5. What is Ransomware?
6. What is OS Hardening?
7. What is a Firewall?
8. What is DSS?
---
Long Questions
1. Explain various types of malware.
2. Differentiate Virus and Worm.
3. Explain OS Hardening techniques.
4. Discuss Firewall design principles.
5. Explain Digital Signature Standard.
6. Explain Malware Analysis techniques.
---
One-Day Exam Revision (MCA553)
Remember:
CIA = Confidentiality, Integrity, Availability
Cyber Forensics = Investigation of digital crimes
RSA = Public Key Cryptography
Diffie-Hellman = Key Exchange
AES = Modern Encryption Standard
Triple DES = DES × 3
Hash Function = Fixed-size fingerprint
MAC = Message Authentication Code
Virus = Needs host file
Worm = Self-spreading
Trojan = Fake software
Ransomware = Encrypts files for money
Firewall = Controls network traffic
DSS = Digital Signature Standard
You have now completed Cyber Security (MCA553) from your Semester III syllabus. Next, I recommend Machine Learning Techniques (MCA556) because it is one of the easiest and most scoring papers in Semester III.