|
* [[Antivirus software]]
* [[Cryptanalysis]]
==Types of Software to Subvert Computers or Data==
Similar to systems used to secure systems, below are a series of software patterns and groups from the perspective of users attempting to subvert, invade, or infect computer systems. Many of these ideas where theorized as early as the 1960s and 1970s in the fields of [[cyberpunk]] literature with magazines like [[New Worlds (magazine)|New Worlds]] and solidified in the 1980s with novels like [[Neuromancer]]. Note that most of these types of program also have applications in securing systems and countering hacking, yet are primarily known in the fields of hacking, [[espionage]], and computer subversion. Because of their similarity to securing computers, these ideas fall into similar categories.
===General Terms===
====[[Internet_bot|Bot]]====
''copied from main wikipedia article (with slight modification) on 3/19/2021 for ease of reference''
An '''Internet bot''', '''[[World Wide Web|web]] robot''', '''robot''' or simply '''bot''', is a [[software application]] that runs automated tasks (scripts) over the [[Internet]].<ref name=":0">{{cite book |url=https://archive.org/details/malicio_dun_2009_00_4004 |url-access=registration |title=Malicious Bots: An Inside Look into the Cyber-Criminal Underground of the Internet |last1=Dunham |first1=Ken |last2=Melnick |first2=Jim |publisher=CRC Press |year=2009|isbn=9781420069068 }}</ref> Not necessarily malicious, bots perform tasks that are simple and repetitive, much faster than a person could. The most extensive use of bots is for [[web crawling]], in which an automated script fetches, analyzes and files information from web servers. More than half of all web traffic is generated by bots.<ref name="Zeifman">{{cite web |last1=Zeifman |first1=Igal |title=Bot Traffic Report 2016 |url=https://www.incapsula.com/blog/bot-traffic-report-2016.html |website=Incapsula |access-date=1 February 2017}}</ref>
====[[Botnet]]====
A collection of programs or [[software agent]]s operating over a collection of computers and internet addresses. Behaving like a swarm or collective, these groups often route information through each other, perform coordinated actions with each other, or redundantly store information throughout the group. Often viewing as being controlled through command and control software. However, botnets can be created in a "fire and forget" structure, where an infectious program is released into the wild, replicates itself, and then operates autonomously based on its guiding parameters. Can be composed of bots, virii, worms, or trojan horse software or a combination of the types.
====[[Computer_Virus|Virus]]====
''copied from main wikipedia article on 3/19/2021 for ease of reference''
A '''computer virus'''<ref name=Virus.NYT2014>{{cite news |newspaper=[[The New York Times]]
|url=https://www.nytimes.com/times-insider/2014/08/06/1988-the-internet-comes-down-with-a-virus
|title=The Internet comes down with a virus
|date=August 6, 2014}}</ref> is a type of [[computer program]] that, when executed, replicates itself by modifying other computer programs and [[Code injection|inserting]] its own [[Computer language|code]].<ref name="Avast">{{cite web |title=Worm vs. Virus: What's the Difference and Does It Matter? |url=https://www.avast.com/c-worm-vs-virus |website=Avast Academy |publisher=Avast Software s.r.o. |access-date=9 March 2021}}</ref><ref name="Stallings 2012 p.182 ">{{cite book
|last=Stallings |first=William |title=Computer security : principles and practice
|publisher=Pearson |___location=Boston |year=2012 |isbn=978-0-13-277506-9 |page=182}}</ref> If this replication succeeds, the affected areas are then said to be "infected" with a computer virus.<ref>{{cite book
|author=Aycock, John |title=Computer Viruses and Malware
|url=https://archive.org/details/computervirusesm00ayco
|url-access=limited |publisher=Springer |year=2006 |isbn=978-0-387-30236-2
|page=[https://archive.org/details/computervirusesm00ayco/page/n27 14]}}</ref><ref name="vx.netlux.org">{{cite web
|url=http://vx.netlux.org/lib/aas10.html
|author=Alan Solomon |title=All About Viruses
|website= VX Heavens |date=2011-06-14 |access-date=2014-07-17
|url-status=dead |archive-url=https://web.archive.org/web/20120117091338/http://vx.netlux.org/lib/aas10.html
|archive-date=2012-01-17 }}</ref>
Computer viruses generally require a [[Computer program|host program]].<ref name="Avast"/> The virus writes its own code into the host program. When the program runs, the written virus program is executed first, causing infection.
====[[Computer_worm|Worm]]====
''copied from main wikipedia article on 3/19/2021 for ease of reference''
A '''computer worm''' is a standalone [[malware]] [[computer program]] that replicates itself in order to spread to other computers.<ref>{{cite web|last=Barwise|first=Mike|title=What is an internet worm?|url=http://www.bbc.co.uk/webwise/guides/internet-worms|publisher=BBC|access-date=9 September 2010}}</ref> It often uses a [[computer network]] to spread itself, relying on security failures on the target computer to access it.
====[[Trojan_horse_(computing)|Trojan Horse]]====
A software program that disguises its actual purpose, often with malicious intent. Usually downloaded while imitating legitimate software, a trojan horse may then immediately execute and transform into a different type of software, or imitate the legitimate software while covertly running secondary programs.
====Perspective on "Malicious"====
Although viruses and worms are often created maliciously, both could theoretically simply evolve from ideas like software bugs that cause a program to begin replicating and spreading, without any initial intended malicious behavior. Much like their organic counterparts, a tapeworm isn't necessarily "malicious", simply another organism growing in its natural environment. Yet from the perspective an animal's digestive tract, this might be interpreted as aggressive or invasive behavior. Several types of worms and virii in the organic environment have evolved to be symbiotic with their hosts, and similar situations may be possible in the digital environment.
===Isolate or Modify Access===
The purpose of these programs from an attack perspective is to isolate or control access to a system while still allowing the normal users to operate the system. This may imply that the normal users are completely unaware of the issue, or that the normal users experience a degradation of their user experience without an obvious cause until the malicious software is found. In larger internet context, this may also involve isolating a computer from interaction with the wider internet, possibly without their notice, or installing software that might allow for the possibility for future control of the user's system without immediately taking control. A physical world comparison is copying the keys to an owner's house without their knowledge. Vandalism and intimidation could happen in the future, yet don't necessarily happen immediately.
* [[Access_control|Access Controller or Modifier]] (Selectively change user access to system or network resources)
* [[Drive-by_download|Automated Downloader]]
* [[Man-in-the-middle_attack|Communication Modifier]] or "[[Man-in-the-middle_attack|man-in-the-middle]]"
* [[Email_spoofing|Email or Text Msg Spoofing]] (Modify for falsely represent a persons written communication)
* [[Hardware_backdoors|Hardware Backdoor]]
* [[Backdoor_(computing)|Software Backdoor]]
* [[Rootkit]] (sometimes referred to as [[Bootkit]])
* [[URL_redirection|Website or Browser Redirection]]
===Monitor Access===
The purpose of these programs is simply to monitor a user's interactions with a computer system. Often there is little or no degradation of the user experience, as obvious degradation would give away the monitoring. Stealth tends to be a priority as information gathering is preferable to short-term benefit. A physical world comparison would be a deep-cover spy that might exist as part of a society for decades, going to work in factory, earning promotions with increased trust or responsibility, all with the purpose of silently gathering and reporting information.
* [[User_activity_monitoring|Activity Monitor]] (Track lifestyle, interaction patterns, and times of use)
* [[Data_scraping|Data Scraper]]
* Duplicator (Copy the [[structure, sequence and organization]] of a system to falsely represent that system)
* [[Network_eavesdropping|Eavesdropper]]
* [[Network_eavesdropping#Observing_exit_nodes|Exit Node Logger]] (Find a users internet ___location on a secret network)
* [[Keylogger]]
* Locator (Find a user's physical ___location - https://geotraceroute.com/)
* [[Traceroute|Path Tracer]] (Find internet route to a user's computer after randomized infection)
* [[Sniffing_attack|Sniffer]]
* [[IGMP_snooping|Snooper]]
===Prevent Access===
These programs are designed to stop normal users from interacting with their systems, often permanently. The [[stuxnet]] worm was a program within this category, designed to find specific computer systems related to nuclear refining, and destroy those systems. In hacking culture, this behavior is often referred to as "bricking" a target's computer system.
* [[Brick_(electronics)|Bricker]]
* [[Fork Bomb]]
* [[Logic Bomb]]
* [[Time_bomb_(software)|Time Bomb]]
===Warez===
Programs usually designed for an economic benefit to the attacker, which install an application, often hidden, on the targets hardware. These programs then usually either provide information (such as unwanted ads), restrict information in a form of blackmail, or record information that can later be sold or used to find further vulnerabilities. The unifying theme, however, tends to be the economic motivation with some type of implied payout from the activity. This can be contrasted to other types of programs that might have social, military, or nationalistic motivations with no perceivable economic motivation. Physical world comparisons are challenging, yet might include aggressive advertising billboard placement, loudspeakers blaring out propaganda, thieves stealing objects and demanding payment, or kidnappers stealing family or friends and demanding payment.
* [[Adware]]
* [[Browser_helper_object|Browser "Helper" Objects]] (Often the opposite of "helpful")
* [[Crimeware]] (Usually because of a connection to a specific crime or organization)
* [[Cryptojacking_malware|Cryptojacking Malware]] (Subvert computer to mine bitcoins)
* [[Malware]]
* [[Ransomware]]
* [[Scareware]]
* [[Spyware]]
==Software run on computers to secure other systems==
| 