Guest Lecture 1 Flashcards

1
Q

Name different malware types and attack vectors

A

Spam: (testing, profiling)
Network: intrusion (spoofing)
Fraud: (forged documents)
Malicious text: (fake news, trolling, revised messages)
Malware: (trojan, botnet, spyware)
Authentication and authorization attacks: (spying, keylogger credential harvesting, further attacks on the same system)
Unauthorised attacks: (brute-force hacker attacks)
Phishing: (automated system defence bypass)

2
Q

What is the main approach to Signature-based Detection? (Traditional anti-virus software)

A
  1. Collect or capture the new malware sample (honeypot, host device, etc.)
  2. Analyze the sample (manual, automated, static, dynamic, mixed)
  3. Create a signature (sequence of strings or bytes, use of wildcard characters such as * and #, etc.). Note: YARA tool, ClamAV
  4. Distribute the signatures (central server => clients)
  5. Signature update at the client machine
3
Q

What is the main approach to Non-signature-based Detection? (Behavioral)

A
  1. Collect samples for each class (example: malware and benign)
  2. Pre-process the samples (removing unwanted samples, changing format, etc.)
  3. Feature extraction (static, dynamic and hybrid), engineering and representation
  4. Training, testing, and tuning the model
  5. Deployment of the model