ITM 820 Lecture Notes - Lecture 5: Advanced Persistent Threat, Code Mobility, Logic Bomb

It"s a progra(cid:373) that"s i(cid:374)serted i(cid:374)to a s(cid:455)ste(cid:373) (cid:449)ith the i(cid:374)te(cid:374)t of (cid:272)o(cid:373)pro(cid:373)isi(cid:374)g the (cid:272)o(cid:374)fide(cid:374)tialit(cid:455), i(cid:374)tegrit(cid:455), or a(cid:448)aila(cid:271)ilit(cid:455) of the (cid:448)i(cid:272)ti(cid:373)"s data, appli(cid:272)atio(cid:374)s, or operati(cid:374)g system or otherwise annoying or disrupting the victim. Terminologies for malicious software: advanced persistent threat (apt) cybercrime directed at business and political targets. Attack kits*: toolkits are ofte(cid:374) k(cid:374)o(cid:449)(cid:374) as (cid:862)(cid:272)ri(cid:373)e(cid:449)are(cid:863). Zeus mostly used to capture and exploit banking credentials. It executes secretly when the host program is run: specific to operating system and hardware. Infection mechanism means by which a virus spreads or propagates: trigger event or condition that determines when the payload is activated or delivered; sometimes known as a logic bomb, payload what the virus does. It may involve damage or benign but noticeable activity. Virus phases: dominant phase the virus is idle and will eventually be activated by some event. Not all viruses have this stage: triggering phase the virus is activated to perform the function for which it was intended.