Malicious Code

Reasons attackers use malware: automation, scalability, and deniability
Attackers release malicious programs on the internet and let them spread

Types of malicious software
– Needs a host program: trap doors, logic bombs, Trojan horses, viruses, browser plug-in extensions, scripts
– Independent: worms, botnets, APTs

Trap door
– A secret entry point to a program or system.
– Typically works by recognizing some special sequence of inputs or special user ID.

Logic Bombs
– Embedded in some legitimate program
– Explode or perform malicious activities when certain conditions are met

Trojan Horses
– Hidden in an apparently useful host program
– Performs some unwanted/harmful function when the host program is executed

Viruses
– Infect a program by modifying it
– Self-copy into the program to spread