Introduction to

Computer Applications

Lecture # 15
 Computer Security Risks
 What is a computer security
risk?

 Event or action that causes loss

of or damage to computer
system
Virus
 A computer virus is a computer program that can
replicate itself and spread from one computer to another.
 The term "virus" is also commonly but misused to refer
to other types of malware, including but not limited to
adware and spyware programs that do not have the
reproductive ability.
 A true virus can spread from one computer to another
(in some form of executable code) when its host is taken
to the target computer; for instance because a user sent
it over a network or the Internet, or carried it on a
removable medium such as a floppy disk, CD, DVD, or
USB drive.
Types of Virus
 Not all computer viruses behave, replicate, or infect
the same way. There are several different categories
of viruses and malware. Below I list and discuss
some of the most common types of computer
viruses.
 Trojan Horse
 Worms
Trojan Horse
 A Trojan horse program has the appearance of having a useful and
desired function. While it may advertise its activity after launching, this
information is not apparent to the user beforehand. Secretly the
program performs other, undesired functions.
 A Trojan Horse neither replicates nor copies itself, but causes damage
or compromises the security of the computer.
 A Trojan Horse must be sent by someone or carried by another
program and may arrive in the form of a joke program or software of
some sort.
 The malicious functionality of a Trojan Horse may be anything
undesirable for a computer user, including data destruction or
compromising a system by providing a means for another computer to
gain access, thus bypassing normal access controls.
Worms
 A worm is a program that makes and facilitates the
distribution of copies of itself; for example, from one disk
drive to another, or by copying itself using email or another
transport mechanism.
 The worm may do damage and compromise the security of
the computer. It may arrive via exploitation of a system
vulnerability or by clicking on an infected e-mail.
Types of virus continued ……
 Bootsector Virus:
A virus which attaches itself to the first part of the hard disk that
is read by the computer upon bootup. These are normally spread
by floppy disks.

 Macro Virus:
Macro viruses are viruses that use another application's macro
programming language to distribute themselves. They infect
documents such as MS Word or MS Excel and are typically
spread to other similar documents.

 Memory Resident Viruses:

Memory Resident Viruses reside in a computers volitale memory
(RAM). They are initiated from a virus which runs on the
computer and they stay in memory after it's initiating program
closes.
Types of virus continued ……
 Rootkit Virus:
A rootkit virus is an undetectable virus which attempts to allow
someone to gain control of a computer system. The term rootkit
comes from the linux administrator root user. These viruses are
usually installed by trojans and are normally disguised as
operating system files.

 Polymorphic Viruses:
A polymorphic virus not only replicates itself by creating multiple
files of itself, but it also changes it's digital signature every time it
replicates. This makes it difficult for less sophisticated antivirus
software to detect.

 Logic Bombs/Time Bombs:

These are viruses which are programmed to initiate at a specific
date or when a specific event occurs. Some examples are a virus
which deletes your photos on Halloween, or a virus which deletes
a database table if a certain employee gets fired.
Stand-Alone Utility Programs
 What is a virus?
 Potentially damaging computer program
 Affects computer without user’s knowledge

• An unusual message or image is displayed on the

computer screen
• An unusual sound or music plays randomly
• The available memory is less than what should be
SIGNS OF available
VIRUS • A program or file suddenly is missing
INFECTION • An unknown program or file mysteriously appears
• The size of a file changes without explanation
• A file becomes corrupted
• A program or file does not work properly
• System properties change
•The operating system runs much slower than usual
 Stand-Alone Utility Programs
 What is an antivirus program?
 Identifies and removes viruses in
memory, storage media, and
incoming files
 Must be updated frequently
 Identifies and removes computer
viruses
 Most also protect against worms
and Trojan horses
 What is an antivirus program?
 What are viruses, worms, and Trojan horses?

Virus is a Worm copies Trojan horse hides Payload

potentially itself repeatedly, within (destructive
damaging using up or looks like event) that is
computer resources legitimate delivered when
and possibly
program shutting down program until you open file, run
computer or triggered infected program,
network or boot computer
Does not with infected disk
Can spread in disk drive
replicate
and
itself on
damage
other
files
computers
How can a virus spread through an e-
mail message?
Step 1. Unscrupulous Step 2. They use
programmers create a the Internet to
virus program. They hide send the e-mail
the virus in a Word message to
document and attach the thousands of users
Word document to an e- around the world.
mail message.

Step 3b. Other users do not

recognize the name of the
Step 3a. Some sender of the e-mail message.
users open the These users do not open the
attachment and e-mail message. Instead they
their computers delete the e-mail message.
become infected These users’ computers are
with the virus. not infected with the virus.
How does an antivirus program inoculate a
program file?

Uses Records
information information
to detect if about program such
virus tampers as file size and Attempts
with file creation to remove
date any detected
Quarantines virus
infected
Keeps file files that it
in separate cannot
area of hard disk remove
 What is a firewall?

 Security system consisting of hardware and/or

software that prevents unauthorized intrusion
 Unauthorized Access and Use
 What are other ways to protect your
personal computer?

 Disable file and

printer sharing on
Internet
connection
 Tips for security
What are some tips for preventing virus, worm, and
Trojan horse infections?
Never open an
Never start a e-mail attachment
Install an antivirus
computer with unless you are
program on all of
removable media expecting it and
your computers
inserted it is from a
trusted source
If the antivirus
Check all
program flags an
downloaded
e-mail attachment Install a personal
programs for
as infected, delete firewall program
viruses, worms,
the attachment
or Trojan horses
immediately
 Backing Up — The Ultimate
Safeguard
 What is a backup?
Duplicate of file, program, or disk

Three-generation
Full backup Selective backup backup
all files in select which files preserves
computer to back up three copies of
important files

In case of system failure or corrupted files,

restore files by copying to original location
Information Privacy
 What are spyware, adware, and spam?
 Spyware is program
placed on computer
without user’s
knowledge
 Adware is a program
that displays online
advertisements
 Spam is bogus
e-mail message sent
to many recipients
Information Privacy
 How can you control spam?

Service that
E-mail filtering
Collects spam in
blocks e-mail
central location
messages from
that you can
designated
view any time
sources

Anti-spam program
Sometimes
Attempts to
removes valid
remove spam
e-mail messages
Questions??