Chapter 7
Computer security
Security: The prevention and protection of computer assets from unauthorized access,
use, alteration, degradation, destruction, and other threats.
• Computer systems should have a set of protection policies to restrict and control
the system resources
• Considering:
– Unauthorized access
– Malicious modification or destruction
– Accidental introduction of inconsistency
Security Goals
• Data Confidentiality
– Is concerned with having secret data remain secret
• Data Integrity
– Unauthorized users should not be able to modify any data without the
owners permission
– Includes removing data and adding false data
• System Availability
– Means nobody can disturb the system to make it unusable
Computer security threats
A computer security threat is any person, act, or object that poses a danger to
computer security
Computer world is full of threats!
• Denial of Service
– Blocking access from legitimate users
– Overload the targeted computer preventing it from doing any useful work
• Hacking:
– Any attempt to gain unauthorized access to your system
• Trap door
– Created by code inserted into system by a system programmer to bypass
some normal checks
– Specific user identifier or password that circumvents normal security
procedures
1|Page
� • Viruses
– “A small program that replicates and hides itself inside other programs
usually without your knowledge.”
– It gets attached to some part of an operating system or any other computer
program.
– It may attach itself to any executable code, including but not limited to
boot sectors and /or partition sectors of hard and/or floppy disks.
– A computer virus can perform:
• corrupt or destroy data
• increase file size
• format the hard disk
• degrade system performance
• manipulate the directory contents
• rename all files with different name
Types of viruses
1. Multi-Partite
• A virus that attempts to attack both the boot sector and the executable, or
program, files at the same time.
• When the virus attaches to the boot sector, it will in turn affect the system’s files,
and when the virus attaches to the files, it will in turn infect the boot sector.
• Such viruses are highly infectious.
2. Companion Virus
• A virus which infects executable files by creating a ‘companion’ file with the
same name but an .COM extension.
• Since DOS executes .COM files, followed by .EXE files, and finally .BAT files,
the virus loads before the executable file.
3. Boot sector or MBR virus
• A virus which infects the boot sector of disks
Boot sector
• Hard disk drives, floppy diskettes, and logical drives (partitions) all have boot
sectors where critical drive information is stored.
Master Boot Record
• On all PC fixed disks, the first physical sector is reserved for a short bootstrap
program. This sector is the master Boot (MBR).
2|Page
�4 . Stealth Virus
• A computer virus that actively hides itself from antivirus software by either
masking the size of the file that it hides in or temporarily removing itself from the
infected file and placing a copy of itself in another location on the drive, replacing
the infected file with an uninfected one that it has stored on the hard drive.
• A stealth virus is one that conceals the changes it makes
• A stealth virus is programmed as such that it is able to conceal itself from
discovery or defends itself against attempts to analyze or remove it
5. Macro Virus
• A macro virus is a virus written in one of the many macro languages.
• The macro viruses spread via infected files, which can be documents,
spreadsheets, databases, or any computer program which allows use of a macro
language.
• At present these viruses can infect Microsoft Word and Lotus Ami Pro
documents.
• This virus attaches itself to a word processing or spreadsheet file(mainly
Microsoft Word or Excel file)
6 .Trojan, Trojan Horse
• A Trojan (or Trojan Horse) is a program which carries out an unauthorized
function while hidden inside an authorized program.
• It is designed to do something other than what it claims to, and frequently is
destructive in its actions
• Seemingly innocent program contains code to perform an expected and
undesirable action
• Code segment that misuses its environment
• Exploits mechanisms for allowing programs written by users to be executed by
other users
7. Worm
• An independent program that reproduces by copying itself from one computer to
another
• Worms are self-contained and generally use networks to spread.
• Self replicating program
Remedy for viruses
1. Isolate the machine
• disconnecting it from the Internet or any other network
• not using any floppy disks, CD-ROMs or any other removable disks
2. Install Antivirus program
3|Page
� • Antivirus software is a software utility, which (upon installing on a computer)
searches the hard disk for viruses and removes which are found.
• Popular antivirus software programs available are Norton and McAfee Antivirus
programs
• Functions of anti-viruses
o Identification of known viruses
o Detection of suspected viruses
o Blocking of possible viruses
o Disinfection of infected objects
o Deletion and overwriting of infected objects
Computer security controls/Making the system Secure
• Authentication
– Using passwords, smart card, fingerprint
• Anti-virus
– Scan the system using anti-virus software
• Firewall
– Limits network access b/n trusted and untrusted hosts
• Encryption
– Encrypt clear text to cipher text
4|Page
