From AV to Internetized Security Solution - PowerPoint PPT Presentation

Slides: 36
Provided by: antivirus7

Transcript and Presenter's Notes

1
From AV to Internetized Security Solution
--- The Analysis Report of Malware Technology in
China in 2005
  • ?? Jeffrey
  • Beijing Rising Tech. Co., Ltd.

2
Travel
3
Agenda
  • Background
  • Overview of the security industry
  • Overview situation of viruses and spam
  • Changes of viruses
  • Changes of purpose
  • Changes in anti-detection
  • Other threats on the internet
  • Unauthorized software (Rogue software)
  • Summary

4
Internet Statistics
Data from CNNIC
5
Security Industry Revenue
Data from CCID Consulting
6
Product Dispersal
Data from CCID Consulting
7
AV Market Share Distribution
Data from IDC 2005
8
Agenda
  • Background
  • Overview of the security industry
  • Overview situation of viruses and spam
  • Changes of viruses
  • Changes of purpose
  • Changes in anti-detection
  • Other threats on the internet
  • Unauthorized software (Rogue software)
  • Summary

9
Virus Statistics
  • 45059 new definitions added to virus database
  • From Jan. 1st to Nov. 15th, 2005

Data from RISING
10
Most Active Top 10
Data from RISING
11
Top 10 Worst Spam Countries (Jan. 19 2005)
http://www.spamhaus.org
12
Top 10 Worst Spam Countries (Nov. 11 2005)
http://www.spamhaus.org
13
Agenda
  • Background
  • Overview of the security industry
  • Overview situation of viruses
  • Changes of viruses
  • Changes of purpose
  • Changes in anti-detection
  • Other threats on the internet
  • Unauthorized software (Rogue software)
  • Summary

14
Changes of the purpose of virus creation
  • Gain economic benefits
    • Virtual property
    • Bank accounts
    • Increase website hits

15
Viruses Have an Economic Purpose
  • A total of 4163 found up to Nov. 15th, 2005

Data from RISING
16
Agenda
  • Background
  • Overview of the security industry
  • Overview situation of viruses
  • Changes of viruses
  • Changes of purpose
  • Changes in anti-detection
  • Other threats on the internet
  • Unauthorized software (Rogue software)
  • Summary

17
Changes to Anti-Detection
  • The economic benefits of improving anti-detection
    technology
  • Methods used for anti-detection
    • Root Kit
    • Entry Point Obscuring
    • Source code level morphing

18
Root Kits
  • Hooks Native API
    • Hides processes: ZwQuerySystemInformation()
    • Hides files: ZwQueryDirectoryFile()
    • etc.
  • Much open source code is available
    • www.rootkit.com

19
The Viruses Using Root Kit Technology
Viruses using root kit technology found in 2005: 325
Data from RISING
20
Agenda
  • Background
  • Overview of the security industry
  • Overview situation of viruses
  • Changes of viruses
  • Changes of purpose
  • Changes in anti-detection
  • Other threats on the internet
  • Unauthorized software (Rogue software)
  • Summary

21
Other Threats
  • Rogue software
  • Ad-ware
  • Spy-ware
  • Browser hijack and ActiveX controls
  • Track-ware
  • Malicious shareware
  • Phishing
  • etc.

22
Rogue software
Data from UNB
23
How Does Rogue Software Avoid Being Deleted?
  • Make themselves automatically launch
  • Install drivers to get a higher privilege
  • Create mutually protecting threads
  • Inject DLLs or threads into another process
  • Rubbish Files

24
To remove or not to remove
  • It's hard to make the decision.
  • To remove
    • Annoys the users.
  • Not to remove
    • Free
    • Provides some useful features.

25
Agenda
  • Background
  • Overview of the security industry
  • Overview situation of viruses
  • Changes of viruses
  • Changes of purpose
  • Changes in anti-detection
  • Other threats on the internet
  • Unauthorized software (Rogue software)
  • Summary

26
The situation of viruses in 2005
  • Economic purposes significantly drive the
    increase of new viruses and virus technologies.
  • System weaknesses are the major reason for
    virus infection.
  • The network is still the most commonly used medium
    through which viruses spread.
  • IM tools are utilized by viruses to spread over
    the internet.
  • New platforms are becoming the target of viruses
    • mobile phones
    • PDAs
    • etc.
  • Open source is still the origin of lots of viruses

27
Diary
28
Job
29
File System
  • openomy project

30
earth
31
People Internetized
  • A lot of things around us are getting internetized
  • Job
    • E-mail
    • Web office
    • Instant Message
  • Life
    • Blog
    • Online Game
    • Online Movie

32
Threats Internetized
Attack on internet
Threats
Gain from internet
33
Protection Needs to be Internetized!
  • Virus
  • Spam
  • Hack
  • Spy-ware
  • Browser hijack
  • Phishing

34
Protect Users' Online Security
  • An internetized security solution provides
    • Antivirus
    • Anti-spam
    • Firewall
    • Password protection
    • Anti browser hijack
    • Anti-phishing

35
The Hardest Part
  • I wish that I could work it out

Thank you!
Jeffrey_at_rising.com.cn