Chapter-4 Virus & Computer Security

Cybersecurity and information assurance refer to measures for protecting computer systems, networks, and information systems from disruption or unauthorized access, use, disclosure, modification, or destruction.
Confidentiality has been defined by the International Organization for Standardization (ISO) as “ensuring that information is accessible only to those authorized to have access” and is one of the cornerstones of information security. Confidentiality is one of the design goals for many cryptosystems, made possible in practice by the techniques of modern cryptography.
Data Integrity means that data is “whole” or complete, and is identically maintained during any operation (such as transfer, storage or retrieval). Data integrity is the assurance that data is consistent and correct.
Authentication is a security measure designed to establish the validity of a transmission, message, document or originator, or a means of verifying an individual’s authorization to receive specific categories of information.
Technology:-
  1. Types of intrusion and intrusion detection system
  2. Firewalls and access control
  3. Cryptography
  4. Digital certificates
  5. Biometrics
  6. Digital authentication and Public Key Infrastructure (PKI)
  7. Data assurance and disaster recovery
Tools:-
  1. Cryptography systems
  2. Identification and authentication systems
  3. Operating system security
  4. E-commerce security tools and strategies
  5. Firewalls and proxy servers
  6. Anti-malware and anti-spyware technology
  7. Anti-piracy techniques
  8. Network traffic analysis tools
Attack:-
  1. Exploiting passwords and poor configurations
  2. Software bugs
  3. Trojan horses
  4. IP address spoofing
  5. Distributed attacks
Trojan horse:- A piece of code that misuses its environment. The program seems innocent enough; however, when it is executed, unexpected behavior occurs.
Trap Doors:- Inserting a method of breaching security in a system. For instance, a secret set of inputs to a program might provide special privileges.
Threat monitoring:- Look for unusual activity. Once access is gained, how do you identify someone acting in an unusual fashion?
Worms:- Standalone programs that use a spawning mechanism.
Internet Worm:- In the Internet worm, Robert Morris exploited UNIX networking features (remote access) as well as bugs in the finger and sendmail programs. A grappling hook program uploaded the main worm program.
Viruses:- A fragment of code embedded in a legitimate program. Mainly affects personal PC systems. These are often downloaded via e-mail or as active components in web pages.
Firewall:- A mechanism that allows only certain traffic between trusted and untrusted systems. Often applied as a way to keep unwanted internet traffic away from a system.
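The "Threat monitoring" entry above asks how to identify someone acting in an unusual fashion once access is gained. The following is an added example, not part of the original notes: it builds a per-user baseline of login hours and source hosts and flags events that deviate from it. The record format, user names, addresses and the one-hour tolerance are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample login records: (timestamp, user, source host).
HISTORY = [
    ("2024-03-04 09:12", "asha", "10.0.0.21"),
    ("2024-03-05 09:40", "asha", "10.0.0.21"),
    ("2024-03-06 10:05", "asha", "10.0.0.21"),
    ("2024-03-04 14:30", "ravi", "10.0.0.35"),
    ("2024-03-05 15:10", "ravi", "10.0.0.35"),
]
NEW_EVENTS = [
    ("2024-03-07 09:55", "asha", "10.0.0.21"),   # matches the baseline
    ("2024-03-07 02:17", "asha", "10.0.0.21"),   # hour never seen before
    ("2024-03-07 15:00", "ravi", "192.0.2.77"),  # source never seen before
    ("2024-03-07 11:00", "meena", "10.0.0.50"),  # user has no history
]

def hour_of(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M").hour

def build_baseline(history):
    """Record, per user, the login hours and source hosts seen so far."""
    baseline = defaultdict(lambda: {"hours": set(), "hosts": set()})
    for ts, user, host in history:
        baseline[user]["hours"].add(hour_of(ts))
        baseline[user]["hosts"].add(host)
    return baseline

def find_unusual(events, baseline, hour_slack=1):
    """Return (timestamp, user, reason) for events outside the baseline."""
    alerts = []
    for ts, user, host in events:
        if user not in baseline:
            alerts.append((ts, user, "no baseline for user"))
            continue
        profile, reasons, hour = baseline[user], [], hour_of(ts)
        # Circular distance, so 23:00 and 00:00 count as neighbours.
        if all(min(abs(hour - h), 24 - abs(hour - h)) > hour_slack
               for h in profile["hours"]):
            reasons.append("unusual hour")
        if host not in profile["hosts"]:
            reasons.append("unseen source host")
        if reasons:
            alerts.append((ts, user, ", ".join(reasons)))
    return alerts

if __name__ == "__main__":
    for alert in find_unusual(NEW_EVENTS, build_baseline(HISTORY)):
        print(alert)
```

A user with no history is reported rather than silently accepted, because an account that has never logged in before is itself unusual activity.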
Viruses:- Viruses are computer programs that are designed to spread themselves from one file to another on a single computer. A virus might rapidly infect every application file on an individual computer, or slowly infect the documents on that computer, but it does not intentionally try to spread itself from that computer to other computers. In most cases, that's where humans come in: we send e-mail document attachments, trade programs on diskettes, or copy files to file servers. When the next unsuspecting user receives the infected file or disk, they spread the virus to their computer, and so on. Worms, on the other hand, are insidious: they spread from one computer to others. A computer worm is a program that is designed to copy itself from one computer to another over a network (e.g. by using e-mail). The worm spreads itself, so computer worms spread much more rapidly than computer viruses.
Types of Virus:-
  • Boot Viruses:- Copy the virus code into the boot sector of the disk; this ensures that the virus is always executed and loaded into memory when the system starts.
  • Polymorphic Viruses:- Infect the system and change their code before infecting the next system, which makes them difficult to detect.
  • Macro Viruses:- When a macro containing the virus code is executed, it infects the files on the system, e.g. W97M.Melissa, WM.NiceDay and W97M.Groov.
  • Worms:- Programs that replicate and spread to other systems through the network, reside in system memory and affect the e-mail system, e.g. W32.Mydoom.AX@mm.
  • Trojans:- A program that claims to rid your computer of viruses but instead introduces viruses onto your computer. Allows remote users and hackers to gain unauthorized access to your system.
Installing antivirus software and how to install it:-
  • Install antivirus software to protect the PC from viruses;
  • Software such as Panda Antivirus, Norton, NPAV Antivirus or PC-cillin can be used;
  • Check the reliability and features offered by anti-virus software before installing it on the system;
  • Install Norton Antivirus 2006 software from the CD to protect the system;
  • Norton Antivirus 2006 software protects your system and scans it for viruses;
  • Scans web pages displayed in the browser;
  • Cleans viruses in incoming and outgoing emails;
  • Removes spyware software that slows down the system.