
Today our LLM lecture is about malicious software and denial-of-service attacks with Brian Honan!
As you may already be aware, malicious software (malware) is one of the most significant categories of threats to computer systems! According to ENISA’s 2021 Threat Landscape, “Malware developers keep finding ways to make reverse engineering and dynamic analysis harder” and “Malware targeting container environments have become much more prevalent, with novel evolutions like file-less malware being executed from memory.” In fact, in recent times we have seen the manifestation of this type of threat in the use of ransomware by criminal gangs to extort money from victims. Together with students, we will examine the wide spectrum of malware threats and provide an overview of the different types of malware, how they are propagated, the impact malware can have on an organization, and the types of threat actors who are behind developing malware, as well as countermeasures which can be taken.
More specifically, we’ll start off by surveying the different types of malware, offering a broad classification based on the propagation means used by malware developers. After carefully examining the variety of actions used once the malware has reached a target, we’ll explore countermeasures and approaches that can be used to counter such threats, be they technical, process-based, or people-focused. Importantly, we’ll discuss how best to respond to a malware attack and what methods can be used to minimize the impact of these attacks on an organization.
Denial-of-service (DoS) attacks typically consist of attempts to compromise availability by hindering or completely blocking the provision of some service. We will deal with them by studying their core elements and the various forms they take, and by showcasing defense mechanisms which can be adopted against them.
DoS attacks attempt to exhaust some critical resource associated with services, for example by flooding a Web server with so many spurious requests that it is unable to respond to valid requests from users in a timely manner. During the lecture, we will discuss how DoS attacks happen, the impact they can have on an organization or indeed the Internet, and what measures we can take to defend against DoS attacks. This session will also look at how criminals are altering their ways of launching attacks, such as using Distributed Denial of Service (DDoS) attacks. A DDoS attack is where criminals use many devices under their control to launch traffic against the target, thus making it harder to defend against as the attack appears to be coming from many different sources. DDoS attacks “in 2021 have become more targeted and much more persistent and increasingly multivector”.
By the end of the lecture, students will have a good understanding of the main attacks used by criminals and how best to mitigate and respond to them.