BibTex RIS Kaynak Göster

KÖTÜCÜL VE CASUS YAZILIMLAR: KAPSAMLI BİR ARAŞTIRMA

Yıl 2007, Cilt: 22 Sayı: 1, 0 - , 15.02.2013

Öz

Bilgisayar teknolojileri gelişip yaygınlaştıkça, günlük iş ve işlemler elektronik ortamlara taşınmakta vekolaylaşmaktadır. Bunun sonucu olarak bilgi ve bilgisayar güvenliğinin önemi ve karşılaşılan tehditler, gereksayı gerekse çeşitlilik açısından artmıştır. Kötücül (malware) ve casus (spyware) yazılımlar ise bunların enbaşında gelmektedir. Bu yazılımlar ile ilgili olarak literatürdeki mevcut kaynaklar araştırılıp incelendiğinde,kapsamlı ve güncel bir çalışma olmadığı, sunulan çalışmaların ise anti-virüs web sitelerinde ve bilgisayarmagazin dergilerinde yer aldığı ve nasıl korunması gerektiğiyle ilgili kısa bilgilere yer verildiği tespit edilmiştir.Bu tespitlerden yola çıkarak bu kapsamlı araştırma çalışmasında, en önemli tehditlerden olan kötücül ve casusyazılımlar üzerine kapsamlı bir inceleme gerçekleştirilmiştir. Elde edilen bulgular doğrultusunda, bu yazılımlarsınıflandırılmış; sahip oldukları temel özellikler ve taşıdıkları riskler özetlenmiştir. Bu çalışmanın, literatürdegerçekleştirilen kapsamlı bir çalışma olması sebebiyle, kötü niyetli olarak geliştirilen yazılım türlerinin daha iyibilinmesi, tanınması ve gerekli önlemlerin alınmasına büyük katkılar sağlayacağı, karşılaşılabilecek zararlarınazaltılabileceği değerlendirilmektedir.

Kaynakça

  • Canbek, G., Klavye Dinleme ve Önleme Sistemleri
  • Analiz, Tasarım ve Geliştirme, Yüksek Lisans
  • Tezi, Gazi Üniversitesi, Fen Bilimleri Enstitüsü,
  • , 31-32, 43, 50, 58, 154, Eylül 2005.
  • Heiser, J. G., Understanding Today’s Malware,
  • Information Security Technical Report. Vol. 9, No.
  • , 47-64, April-June 2004.
  • Calder, A., Watkins, S., It Governance: A Manager's
  • Guide to Data Security & BS 7799/ISO
  • , Kogan Page, 14, 163, September 1, 2003.
  • Thompson, R., The Four Ages of Malware,
  • Infosecurity Today, 47-48, March/April, 2005.
  • Grimes, R. A., Malicious Mobile Code, O'Reilly, 3,
  • -203, 226-228, 238-244, 467-468, August 1, 2001.
  • İnternet: How Bad Is The Malware Problem?,
  • http://searchsmb.techtarget.com/sDefinition/0.sid4
  • _gci991471.00.html, Eylül 2005.
  • İnternet: 2005 CSI/FBI Computer Crime and
  • Security Survey,
  • http://www.gocsi.com/forms/fbi/csi_fbi_survey.jh
  • tml , Computer Security Institute, Kasım 2005.
  • İnternet: Spyware and Increasing Security Risks-
  • Proactive Protection for fhe Enterprise Client,
  • http://enterprisesecurity.symantec.com/content/we
  • bcastinfo.cfm?webcastid=146, Kasım 2005.
  • İnternet: Symantec, Symantec Internet Security
  • Threat Report, 2005,
  • http://ses.symantec.com/WP000ITR8, Kasım 2005.
  • Peikari, C., Fogie, S., Maximum Wireless Security,
  • Sams Publishing, 153, 164, December 18, 2002.
  • Skoudis, E., Malware: Fighting Malicious Code,
  • Prentice Hall PTR, 13, 96, 123-125, 149-151, 179,
  • November 7, 2003.
  • İnternet: Symantec Security Response - W95.CIH,
  • http://www.symantec.com/avcenter/venc/data/cih.
  • html , Ekim 2005.
  • Mohay, G., Collie, B., Vel, O., McKemmish, R.,
  • Anderson, A., Computer and Intrusion Forensics,
  • Artech House, 236, April 1, 2003.
  • Gustin, J., Cyber Terrorism, Marcel Dekker, 26-
  • , October 15, 2003.
  • Russell, D., Gangemi, Sr. G.T., Computer
  • Security Basics, O'Reilly, 82, July 1, 1991.
  • Thompson, D. P., The Trojan War: Literature
  • and Legends from the Bronze Age to the
  • Present, McFarland & Company, 33, January 6, 2004.
  • İnternet: Trojan Programs, VirusList,
  • http://www.viruslist.com/en/virusesdescribed?cha
  • pter=152540521 , Eylül 2005.
  • Hansen, J. B., Young, S., The Hacker's Handbook,
  • CRC Press, 72-74, 126, 530, 714, November 24,
  • -
  • Conway, R., Cordingley, J., Code Hacking: A
  • Developer's Guide to Network Security, Charles
  • River Media, 55-56, 92, May 1, 2004.
  • Cole, E., Hackers Beware: The Ultimate Guide
  • to Network Security, Sams Publishing, 104-108,
  • -193, 544, 550, August 13, 2001.
  • Hansche, S., Berti, J., Hare, C., Official (Isc) 2
  • Guide to the Cissp Exam, CRC Press, 590,
  • December 15, 2003.
  • Connally, K. I., Law of Internet Security and
  • Privacy 2004, Aspen Publishers, Inc., 112, 2004.
  • İnternet: Email Spam Statistics and
  • Information, McAfee,
  • http://us.mcafee.com/fightspam/default.asp?id=sta
  • ts , Eylül 2005.
  • May 2005 Symantec™ Spam Statistics,
  • http://www.symantec.com/region/reg_ap/promo/b
  • rightmail/docs/May2005SpamStats.pdf, Eylül 2005.
  • Mohay, G., Collie, B., Vel, O., McKemmish, R.,
  • Anderson, A., Computer and Intrusion Forensics,
  • Artech House, 226, April 1, 2003.
  • Caloyannides, M. A., Privacy Protection and
  • Computer Forensics, Artech House, 118-120,
  • October 1, 2004.
  • Gralla, P., Schaeffer, J. P., The Complete Idiot's
  • Guide to Internet Privacy and Security, Alpha
  • Books, 37, January 4, 2002.
  • Bishop, M. A., Computer Security: Art and
  • Science, Addison-Wesley Professional, 724-725,
  • December 2, 2002.
  • Tipton, H. F., Krause, M., Information Security
  • Management Handbook, CRC Press, 132,
  • -1255, December 30, 2003.
  • Russell, R., Hack Proofing Your Network,
  • Syngress Publishing, 78, January 1, 2001.
  • İnternet: Gostev A., Malware Evolution:
  • January - March 2005, Kaspersky Lab.
  • http://www.viruslist.com/en/analysis?pubid=1624
  • , Nisan 2005.
  • Reynolds, J., Complete E-Commerce Book:
  • Design, Build and Maintain a Successful Web-
  • Based Business, CMP Books, 365, April 1, 2004.
  • Stephenson, P., Investigating Computer-Related
  • Crime, CRC Press, 57-58, September 28, 1999.
  • Mutton, P., IRC Hacks, O'Reilly, 39-41, July 27, 2004.
  • Hausman, K. K., Barrett, D., Weiss, M., Exam
  • Cram 2 Security +: Exam Cram SYO-101, Que
  • Publishing, 59, April 10, 2003.
  • Mandia, K., Prosise, C., Incident Response
  • Second Edition: Computer Forensics, McGraw-
  • Hill Professional, 389-390, July 17, 2003.
  • İnternet: Binder, SearchWin2000, TechTarget.
  • http://searchwin2000.techtarget.com/sDefinition/
  • ,,sid1_gci948478,00.html , Mayıs 2005.
  • Poole, O., Network Security: A Practical Guide,
  • Elsevier, 69-71, December 9, 2002.
  • Pipkin, D. L., Halting the Hacker - A Practical
  • Guide to Computer Security, Prentice Hall PTR,
  • , August 26, 2002.
  • Bace, R. G., Intrusion Detection, Sams
  • Publishing, 151, December 22, 1999.
  • İnternet : Zone Labs Virus Information Center,
  • Virus Glossary,
  • http://vic.zonelabs.com/tmpl/body/CA/virusGloss
  • ary.jsp , Ekim 2005.
  • Campbell, P., Calvert, B., Boswell, S., Security+
  • in Depth, Thomson Course Technology, 83,
  • February 1, 2003.
  • Stewart, J., This business of malware,
  • Information Security Technical Report. Vol. 9,
  • No. 2, 35-41, April 2004.
  • Mena, J., Homeland Security Techniques and
  • Technologies, Charles River Media, 47-48, May
  • , 2004.
  • Vacca, J. R., Computer Forensics - Computer
  • Crime Scene Investigation, Charles River
  • Media, 489-490, May 1, 2005.
  • Burgess, R. C., Small, M. P., Computer
  • Security in the Workplace, SEO Press, 21, 2005.
  • Shimonski, R. J., Johnson, N. L., Crump, R. J.,
  • Security+, Syngress Publishing, 142-143,
  • December 1, 2002.
  • Bennett, J., Digital Umbrella: Technology's
  • Attack on Personal Privacy in America, Brown
  • Walker Press (FL), 47-50, September 1, 2004.
  • Gralla, P., Windows XP Hacks, O'Reilly, 152-
  • , April 1, 2005.
  • İnternet: Sanal Dolandırıcılıkta Son Nokta
  • Phishing, İstanbul Emniyet Müdürlüğü.
  • http://www.iem.gov.tr/iem/?idno=147, Mayıs
  • -
  • İnternet: Consumer Online: Home > Scams >
  • Major Scams,
  • http://www.consumer.org.nz/topic.asp?docid=25
  • &category=&subcategory=&topic=Scams&title
  • =Major%20Scams&contenttype=summary ,
  • Eylül 2005.
  • Brown, S., The Complete Idiot's Guide to
  • Private Investigating, Alpha Books, 144-146,
  • October 1, 2002.
  • Jones, S., Encyclopedia of New Media: An
  • Essential Reference to Communication and
  • Technology, Sage Publications Inc, 212-216,
  • December 10, 2002.
  • Orebaugh, A. D., Ethereal Packet Sniffing,
  • Syngress Publishing, 6-10, 27-28, February 17, 2004.
  • Garfinkel, S., Web Security, Privacy &
  • Commerce, 2nd Edition, O'Reilly, 216-221,
  • November 1, 2001.
  • İnternet: Macromedia Flash content reaches
  • 3% of Internet viewers, Flash Player
  • Penetration Survey, March 2005, NPD Research.
  • http://www.macromedia.com/software/player_ce
  • nsus/flashplayer/ , Haziran 2005.
  • Petersen, J. K., Understanding Surveillance
  • Technologies, CRC Press, 2-9, September 21,
  • -
  • İnternet: Self Replicating Wabbits – Sounds
  • Strange. Brings Chaos, SYL Articles,
  • http://articles.syl.com/selfreplicatingwabbitssoun
  • dsstrangebringschaos.html, Eylül 2005.
  • Chuvakin, A., Peikari, C., Security Warrior,
  • O'Reilly, 324, January 12, 2004.
  • Furnell, S., Ward, J., Malware comes of age:
  • The arrival of the true computer parasite,
  • Network Security, 11-15, October 2004.
  • Williamson, D., Deconstructing malware: what
  • it is and how to stop it, Information Security
  • Technical Report. Vol. 9, No. 2, 27-34, 2004.
  • Levenhagen, R., Trends, codes and virus attacks
  • - 2003 year in review, Network Security, Vol.
  • , No. 1, 13-15, January 2004.
  • Hacker 2004 Raporu, Chip Dergisi, Nisan 2004,
  • -61, 2004.
Yıl 2007, Cilt: 22 Sayı: 1, 0 - , 15.02.2013

Öz

Kaynakça

  • Canbek, G., Klavye Dinleme ve Önleme Sistemleri
  • Analiz, Tasarım ve Geliştirme, Yüksek Lisans
  • Tezi, Gazi Üniversitesi, Fen Bilimleri Enstitüsü,
  • , 31-32, 43, 50, 58, 154, Eylül 2005.
  • Heiser, J. G., Understanding Today’s Malware,
  • Information Security Technical Report. Vol. 9, No.
  • , 47-64, April-June 2004.
  • Calder, A., Watkins, S., It Governance: A Manager's
  • Guide to Data Security & BS 7799/ISO
  • , Kogan Page, 14, 163, September 1, 2003.
  • Thompson, R., The Four Ages of Malware,
  • Infosecurity Today, 47-48, March/April, 2005.
  • Grimes, R. A., Malicious Mobile Code, O'Reilly, 3,
  • -203, 226-228, 238-244, 467-468, August 1, 2001.
  • İnternet: How Bad Is The Malware Problem?,
  • http://searchsmb.techtarget.com/sDefinition/0.sid4
  • _gci991471.00.html, Eylül 2005.
  • İnternet: 2005 CSI/FBI Computer Crime and
  • Security Survey,
  • http://www.gocsi.com/forms/fbi/csi_fbi_survey.jh
  • tml , Computer Security Institute, Kasım 2005.
  • İnternet: Spyware and Increasing Security Risks-
  • Proactive Protection for fhe Enterprise Client,
  • http://enterprisesecurity.symantec.com/content/we
  • bcastinfo.cfm?webcastid=146, Kasım 2005.
  • İnternet: Symantec, Symantec Internet Security
  • Threat Report, 2005,
  • http://ses.symantec.com/WP000ITR8, Kasım 2005.
  • Peikari, C., Fogie, S., Maximum Wireless Security,
  • Sams Publishing, 153, 164, December 18, 2002.
  • Skoudis, E., Malware: Fighting Malicious Code,
  • Prentice Hall PTR, 13, 96, 123-125, 149-151, 179,
  • November 7, 2003.
  • İnternet: Symantec Security Response - W95.CIH,
  • http://www.symantec.com/avcenter/venc/data/cih.
  • html , Ekim 2005.
  • Mohay, G., Collie, B., Vel, O., McKemmish, R.,
  • Anderson, A., Computer and Intrusion Forensics,
  • Artech House, 236, April 1, 2003.
  • Gustin, J., Cyber Terrorism, Marcel Dekker, 26-
  • , October 15, 2003.
  • Russell, D., Gangemi, Sr. G.T., Computer
  • Security Basics, O'Reilly, 82, July 1, 1991.
  • Thompson, D. P., The Trojan War: Literature
  • and Legends from the Bronze Age to the
  • Present, McFarland & Company, 33, January 6, 2004.
  • İnternet: Trojan Programs, VirusList,
  • http://www.viruslist.com/en/virusesdescribed?cha
  • pter=152540521 , Eylül 2005.
  • Hansen, J. B., Young, S., The Hacker's Handbook,
  • CRC Press, 72-74, 126, 530, 714, November 24,
  • -
  • Conway, R., Cordingley, J., Code Hacking: A
  • Developer's Guide to Network Security, Charles
  • River Media, 55-56, 92, May 1, 2004.
  • Cole, E., Hackers Beware: The Ultimate Guide
  • to Network Security, Sams Publishing, 104-108,
  • -193, 544, 550, August 13, 2001.
  • Hansche, S., Berti, J., Hare, C., Official (Isc) 2
  • Guide to the Cissp Exam, CRC Press, 590,
  • December 15, 2003.
  • Connally, K. I., Law of Internet Security and
  • Privacy 2004, Aspen Publishers, Inc., 112, 2004.
  • İnternet: Email Spam Statistics and
  • Information, McAfee,
  • http://us.mcafee.com/fightspam/default.asp?id=sta
  • ts , Eylül 2005.
  • May 2005 Symantec™ Spam Statistics,
  • http://www.symantec.com/region/reg_ap/promo/b
  • rightmail/docs/May2005SpamStats.pdf, Eylül 2005.
  • Mohay, G., Collie, B., Vel, O., McKemmish, R.,
  • Anderson, A., Computer and Intrusion Forensics,
  • Artech House, 226, April 1, 2003.
  • Caloyannides, M. A., Privacy Protection and
  • Computer Forensics, Artech House, 118-120,
  • October 1, 2004.
  • Gralla, P., Schaeffer, J. P., The Complete Idiot's
  • Guide to Internet Privacy and Security, Alpha
  • Books, 37, January 4, 2002.
  • Bishop, M. A., Computer Security: Art and
  • Science, Addison-Wesley Professional, 724-725,
  • December 2, 2002.
  • Tipton, H. F., Krause, M., Information Security
  • Management Handbook, CRC Press, 132,
  • -1255, December 30, 2003.
  • Russell, R., Hack Proofing Your Network,
  • Syngress Publishing, 78, January 1, 2001.
  • İnternet: Gostev A., Malware Evolution:
  • January - March 2005, Kaspersky Lab.
  • http://www.viruslist.com/en/analysis?pubid=1624
  • , Nisan 2005.
  • Reynolds, J., Complete E-Commerce Book:
  • Design, Build and Maintain a Successful Web-
  • Based Business, CMP Books, 365, April 1, 2004.
  • Stephenson, P., Investigating Computer-Related
  • Crime, CRC Press, 57-58, September 28, 1999.
  • Mutton, P., IRC Hacks, O'Reilly, 39-41, July 27, 2004.
  • Hausman, K. K., Barrett, D., Weiss, M., Exam
  • Cram 2 Security +: Exam Cram SYO-101, Que
  • Publishing, 59, April 10, 2003.
  • Mandia, K., Prosise, C., Incident Response
  • Second Edition: Computer Forensics, McGraw-
  • Hill Professional, 389-390, July 17, 2003.
  • İnternet: Binder, SearchWin2000, TechTarget.
  • http://searchwin2000.techtarget.com/sDefinition/
  • ,,sid1_gci948478,00.html , Mayıs 2005.
  • Poole, O., Network Security: A Practical Guide,
  • Elsevier, 69-71, December 9, 2002.
  • Pipkin, D. L., Halting the Hacker - A Practical
  • Guide to Computer Security, Prentice Hall PTR,
  • , August 26, 2002.
  • Bace, R. G., Intrusion Detection, Sams
  • Publishing, 151, December 22, 1999.
  • İnternet : Zone Labs Virus Information Center,
  • Virus Glossary,
  • http://vic.zonelabs.com/tmpl/body/CA/virusGloss
  • ary.jsp , Ekim 2005.
  • Campbell, P., Calvert, B., Boswell, S., Security+
  • in Depth, Thomson Course Technology, 83,
  • February 1, 2003.
  • Stewart, J., This business of malware,
  • Information Security Technical Report. Vol. 9,
  • No. 2, 35-41, April 2004.
  • Mena, J., Homeland Security Techniques and
  • Technologies, Charles River Media, 47-48, May
  • , 2004.
  • Vacca, J. R., Computer Forensics - Computer
  • Crime Scene Investigation, Charles River
  • Media, 489-490, May 1, 2005.
  • Burgess, R. C., Small, M. P., Computer
  • Security in the Workplace, SEO Press, 21, 2005.
  • Shimonski, R. J., Johnson, N. L., Crump, R. J.,
  • Security+, Syngress Publishing, 142-143,
  • December 1, 2002.
  • Bennett, J., Digital Umbrella: Technology's
  • Attack on Personal Privacy in America, Brown
  • Walker Press (FL), 47-50, September 1, 2004.
  • Gralla, P., Windows XP Hacks, O'Reilly, 152-
  • , April 1, 2005.
  • İnternet: Sanal Dolandırıcılıkta Son Nokta
  • Phishing, İstanbul Emniyet Müdürlüğü.
  • http://www.iem.gov.tr/iem/?idno=147, Mayıs
  • -
  • İnternet: Consumer Online: Home > Scams >
  • Major Scams,
  • http://www.consumer.org.nz/topic.asp?docid=25
  • &category=&subcategory=&topic=Scams&title
  • =Major%20Scams&contenttype=summary ,
  • Eylül 2005.
  • Brown, S., The Complete Idiot's Guide to
  • Private Investigating, Alpha Books, 144-146,
  • October 1, 2002.
  • Jones, S., Encyclopedia of New Media: An
  • Essential Reference to Communication and
  • Technology, Sage Publications Inc, 212-216,
  • December 10, 2002.
  • Orebaugh, A. D., Ethereal Packet Sniffing,
  • Syngress Publishing, 6-10, 27-28, February 17, 2004.
  • Garfinkel, S., Web Security, Privacy &
  • Commerce, 2nd Edition, O'Reilly, 216-221,
  • November 1, 2001.
  • İnternet: Macromedia Flash content reaches
  • 3% of Internet viewers, Flash Player
  • Penetration Survey, March 2005, NPD Research.
  • http://www.macromedia.com/software/player_ce
  • nsus/flashplayer/ , Haziran 2005.
  • Petersen, J. K., Understanding Surveillance
  • Technologies, CRC Press, 2-9, September 21,
  • -
  • İnternet: Self Replicating Wabbits – Sounds
  • Strange. Brings Chaos, SYL Articles,
  • http://articles.syl.com/selfreplicatingwabbitssoun
  • dsstrangebringschaos.html, Eylül 2005.
  • Chuvakin, A., Peikari, C., Security Warrior,
  • O'Reilly, 324, January 12, 2004.
  • Furnell, S., Ward, J., Malware comes of age:
  • The arrival of the true computer parasite,
  • Network Security, 11-15, October 2004.
  • Williamson, D., Deconstructing malware: what
  • it is and how to stop it, Information Security
  • Technical Report. Vol. 9, No. 2, 27-34, 2004.
  • Levenhagen, R., Trends, codes and virus attacks
  • - 2003 year in review, Network Security, Vol.
  • , No. 1, 13-15, January 2004.
  • Hacker 2004 Raporu, Chip Dergisi, Nisan 2004,
  • -61, 2004.
Toplam 186 adet kaynakça vardır.

Ayrıntılar

Birincil Dil Türkçe
Bölüm Makaleler
Yazarlar

Gürol Canbek Bu kişi benim

Şeref Sağıroğlu Bu kişi benim

Yayımlanma Tarihi 15 Şubat 2013
Gönderilme Tarihi 15 Şubat 2013
Yayımlandığı Sayı Yıl 2007 Cilt: 22 Sayı: 1

Kaynak Göster

APA Canbek, G., & Sağıroğlu, Ş. (2013). KÖTÜCÜL VE CASUS YAZILIMLAR: KAPSAMLI BİR ARAŞTIRMA. Gazi Üniversitesi Mühendislik Mimarlık Fakültesi Dergisi, 22(1).
AMA Canbek G, Sağıroğlu Ş. KÖTÜCÜL VE CASUS YAZILIMLAR: KAPSAMLI BİR ARAŞTIRMA. GUMMFD. Mart 2013;22(1).
Chicago Canbek, Gürol, ve Şeref Sağıroğlu. “KÖTÜCÜL VE CASUS YAZILIMLAR: KAPSAMLI BİR ARAŞTIRMA”. Gazi Üniversitesi Mühendislik Mimarlık Fakültesi Dergisi 22, sy. 1 (Mart 2013).
EndNote Canbek G, Sağıroğlu Ş (01 Mart 2013) KÖTÜCÜL VE CASUS YAZILIMLAR: KAPSAMLI BİR ARAŞTIRMA. Gazi Üniversitesi Mühendislik Mimarlık Fakültesi Dergisi 22 1
IEEE G. Canbek ve Ş. Sağıroğlu, “KÖTÜCÜL VE CASUS YAZILIMLAR: KAPSAMLI BİR ARAŞTIRMA”, GUMMFD, c. 22, sy. 1, 2013.
ISNAD Canbek, Gürol - Sağıroğlu, Şeref. “KÖTÜCÜL VE CASUS YAZILIMLAR: KAPSAMLI BİR ARAŞTIRMA”. Gazi Üniversitesi Mühendislik Mimarlık Fakültesi Dergisi 22/1 (Mart 2013).
JAMA Canbek G, Sağıroğlu Ş. KÖTÜCÜL VE CASUS YAZILIMLAR: KAPSAMLI BİR ARAŞTIRMA. GUMMFD. 2013;22.
MLA Canbek, Gürol ve Şeref Sağıroğlu. “KÖTÜCÜL VE CASUS YAZILIMLAR: KAPSAMLI BİR ARAŞTIRMA”. Gazi Üniversitesi Mühendislik Mimarlık Fakültesi Dergisi, c. 22, sy. 1, 2013.
Vancouver Canbek G, Sağıroğlu Ş. KÖTÜCÜL VE CASUS YAZILIMLAR: KAPSAMLI BİR ARAŞTIRMA. GUMMFD. 2013;22(1).