Cyber Forensics & Investigation

Types of Security Attacks

Dr. Aju D
Vellore Institute of Technology, Vellore
 Types of Security Attacks

Viruses

Worms

Trojans
 Types of Security Attacks: Viruses

• Virus is a malicious program able to inject its code into other programs /
applications or data files and the targeted areas become "infected".
• Installation of a virus is done without user's consent, and spreads in form
of executable code transferred from one host to another.


Resident virus 
Polymorphic virus

Non-resident virus 
Metamorphic virus

Boot sector virus 
Stealth virus

Macro virus 
Companion virus

File-infecting virus (file infector) 
Cavity virus
 Types of Security Attacks: Worms

• Worm is a malicious program category, exploiting operating system

vulnerabilities to spread itself.

• In its design, worm is quite similar to a virus - considered even its sub-
class.

• Unlike the viruses though worms can reproduce / duplicate and spread
by itself.
 Types of Security Attacks: Worms

Types of Worms

The most common categorization of worms relies on the method how they
spread.

Email worms: Spread through email messages, especially through those

with attachments.

Internet worms: Spread directly over the internet by exploiting access to

open ports or system vulnerabilities.

Network worms: Spread over open and unprotected network shares.

Multi-vector worms: Having two or more various spread capabilities.

 Types of Security Attacks: Trojan Horses

• Computer Trojan or Trojan Horses are named after the

mythological Trojan horse owing to their similarity in operation
strategy.

• Trojans are a type of malware software that masquerades itself as

a non-malicious even useful application but it will actually do
damage to the host computer after its installation.

• Unlike virus, Trojans do not self-replicate unless end user

intervene to install.
 Trojan Types


Remote Access Trojans (RAT) aka Backdoor.Trojan

Trojan-DDoS

Trojan-Proxy

Trojan-FTP

Destructive Trojan

Security Software Disabler Trojan

Info Stealer (Data Sending/ Stealing Trojan)

Keylogger Trojan

Trojan-PSW (Password Stealer)

Trojan-Banker

Trojan-IM,.. etc..
 Other Security Threats

Malware

• Malware refers to software viruses, spyware, adware, worms,

Trojans, ransomeware etc.

• They are designed to cause damage to a targeted computer or

cause a certain degree of operational disruption.

Rootkit

• Rootkit are malicious software designed to hide certain

processes or programs from detection.
 Other Security Threats

Spyware

• Spyware is a software that monitors and collects information

about a particular user, computer or organization without user’s
knowledge.

• There are different types of spyware, namely system monitors,

trojans (keyloggers, banker trojans, inforstealers), adware,
tracking cookies etc.

Tracking cookies

• Tracking cookies
 Other Security Threats

Riskware

• Riskware is a term used to describe potentially dangerous

software whose installation may pose a risk to the
computer.

Adware

• Adware in general term adware is software generating or

displaying certain advertisements to the user.
 Other Security Threats

Creepware


Creepware is a term used to describe activities like spying others
through webcams (very often combined with capturing pictures),
tracking online activities of others and listening to conversation over
the computer's microphone and stealing passwords and other data.

Blended threat

• Blended threat defines an exploit that combines elements of

multiple types of malware components.