Introduction to computer science 2016

Chapter seven

Computer security

7.1 Introduction to computer security

Since prevention is always more than cure (treatment), but if infection occurred in some
way we will also see some security mechanisms to help avert the situation. All security
mechanisms don’t solve all types of computer security dangers.

What is computer security?

Computer security refers to the set of techniques developed to help protect single and network
linked computers from accidental or intentional harm.

A computer system can be damaged due to accidental or intentional hardware and software
malpractice.

Computer security also involves issues pertaining to human error, loss of training and criminal
activities like creating computer viruses and an attempt to access confidential information by
unauthorized individuals.

General computer hazards

Computer hazards range from the destruction of the computer hardware and hence loss of data
due to natural disaster to the modification and theft of confidential information on the computer.
Currently computer security has become a very serious issue in the Information and
communication technology realm. All your files of years of work can be lost forever in a fraction
of seconds after infection by a malicious computer virus.

There are numerous cases where very big organizations and businesses have lost their thousands
of customers’ data. The types of computer security danger are also escalating. Since computers
have become ubiquitous in this era, the hazard concerns every field. In today’s world where busy
air traffic and nuclear weapons are controlled by computers a failure on computer system means
an utter disaster.

In education, computers are being used for various purposes and teachers could use computers
for storing their notes and students result; and hence a concern of its own. Besides to this, the
fact that teachers are using computers for preparing examinations poses another security
concern-data theft.
Generally, hazards to the computers can be categorized into three major categories.
A. Physical hazards
B. Malicious programs
C. Intruder

Prepared by :Lingerew B. Page 1

 Introduction to computer science 2016

A. Physical hazards

Damages to the computer’s hardware can be caused due to the number of reasons; among which
fire and flood being the most prominent ones. There are lots of cases where accidents and natural
disasters have destroyed years of accumulated data. Besides to such kinds of catastrophic events,
computer’s hardware can also be damaged due to excessive heat, dust and moisture. On a typical
desktop computer, for example, there are two fans: one on top of the processor and the other at
the power supply.

Their main purpose is to cool down the system. Without these fans cooling, the very heat
generated by the system can easily disrupt it. In the case of the mainframe and super computers
the case is too severe. Due to their powerful processing capacity the heat generated by these
computers is enormous. Therefore, to save the computer system from damage such kinds of
computers are placed in an air conditioned environment.

Dust and moisture can also corrupt the computer’s hardware. Hence, the computer hardware has
to be placed in a dust and moisture free environment. The other hazard involves the power issue.
When power is interrupted suddenly, data loss can occur immediately. Power fluctuations can
also damage the computer system. To avert such kind of situations power saving and regulating
devices like UPSs (Uninterruptible Power Supply) have to be used.

B. Malicious programs

There are lots of malicious programs written to disrupt the computer system. Among which the
most important ones are the following:

I. Computer virus is a set of computer program instructions that attaches itself to a host program
or file, copies itself and attacks a computer system. A virus can only spread from one computer
to another when its host is taken to the uninfected computer, for instance by a user sending it
over a network or the internet, or by carrying it on a removable medium such as floppy disc, CD,
or USB drive.

Computer viruses operate, replicate, and cause damage only when they are run. That
means, if an infected computer file is residing on the computer’s hard disc, or is simply attached
to an infected computer network or downloading an infected program, it will not necessarily
become infected. Computer viruses activate when the instructions—or executable code—that run
programs are opened. When an infected file or program is opened, the virus’ code will also be
opened on RAM. Then the processor follows the virus’ instruction that orders it to replicate,
infect other files and cause any damage.

Once a virus is active, it may replicate by various means and tries to infect the
computer’s files or the operating system. For example, it may copy parts of itself to floppy disks,
to the computer’s hard drive, into legitimate computer programs, or it may attach itself to e-mail
messages and spread across computer networks by infecting other shared drives.

Prepared by :Lingerew B. Page 2

 Introduction to computer science 2016

Since a computer user is not likely to knowingly run potentially harmful computer code, viruses
often trick the computer's operating system or the computer user into running the viral program
by attaching themselves to otherwise legitimate programs. This attachment may occur when the
legitimate program is created, opened, or modified. When that program is run, so is the virus.

Viruses can also reside on portions of the hard disk or floppy disk that load and run the operating
system when the computer is started, and such viruses thereby are run automatically. In computer
networks, some viruses hide in the software that allows the user to log on (gain access to) the
system.

Types of viruses

 Parasitic or file viruses infect executable files or programs that are identified by the
extension .exe.

 Bootstrap-sector viruses reside on the first portion of the hard disk or floppy disk, known as
the boot sector. These viruses replace either the programs that store information about the
disk's contents or the programs that start the computer. Typically, these viruses spread by
means of the physical exchange of floppy disks.

 Multi-partite viruses combine the abilities of the parasitic and the bootstrap-sector viruses,
and so are able to infect either files or boot sectors. These types of viruses can spread if a
computer user boots from an infected diskette or accesses infected files.

Besides those mentioned above, there are also other types of viruses.

II. Worm is a malicious program similar to a virus but is a self-contained program that
transports itself from one computer to another through networks. Unlike a virus, worms don’t
need to attach themselves to an existing program. While viruses corrupt or modify files on a
computer, worms copy themselves exceedingly and cause the computer to be extremely slow.
Worms also cause harm to the network by consuming its bandwidth.

III. Trojan horse is a program that pretends to be something interesting and harmless, such as a
game, but when it runs it may have harmful effects. Unlike virus or worms, Trojan horse
programs don’t replicate themselves. Instead, they might lie dormant for months before they are
activated and do something devious to the computer.

IV. Logic bomb is a piece of malicious program that delivers its instruction and cause damage
when it is triggered by a specific condition, such as when a particular date or time is reached or
when a combination of characters is typed on a keyboard. Uunlike a virus, logic bomb does not
replicate itself.

There are also other types of malicious programs among which the most prominent ones are:
spywares that covertly gather user information through the user’s internet connection without his
or her knowledge and adware, a form of spyware that collects information about the user in

Prepared by :Lingerew B. Page 3

 Introduction to computer science 2016

order to display advertisements in the web browser based on the information it collects from the
user’s browsing patterns.

C. Intruders(Hackers / crackers)

Are individuals who are well versed in computing and are engaged in various kinds of
criminal activities ranging from writing virus programs to the data and identity theft.

Hackers
A hacker is a person who gains access to a system illegally. Hackers usually gain access to a
system through a network, but sometimes they will physically enter a computer or network
facility.
Skilled technicians also called themselves, which does not mean their ability to break into
computers and networks, but rather to their technical skill for computer programming and
making a system perform in innovative and productive ways. Hackers who break into systems
also have good technical skills, but have chosen to apply them in undesirable [often-illegal]
ways.The increased frequency of hacking, coupled with the newness of the problem as an issue
of law, has led many governments to publish legislation in place to deal with this form of
computer crime.
Protection against intrusion by Hackers
There is always the possibility that the individual responsible for a computer crime are
disgruntled former employees. Hence good security means looking inside company as well as
outside company.
Preventing unauthorized access to a system entails having good physical security. Hiring honest,
reliable people is an obvious starting point.
Techniques helpful in deterring intrusion by Hackers
1. Change access passwords frequently
2. Allow workers access to only the system functions they need to use
3. Permit workers to access only the data that they need to use
4. Establish physical security systems
5. Separate critical processing functions so that more than one person must be involved
6. Encrypt data by scrambling or coding information.
7. Adopt procedural controls
8. Keep staff well informed through education programs

Prepared by :Lingerew B. Page 4

 Introduction to computer science 2016

9. Audit system activities

10. Keep a log of all transactions and user activities

Due to this, hackers argue that those guys who are involved in this kind of criminal activity
should be called crackers. Although hackers still argue this way the media and the majority of
the information technology community is using the term interchangeably.

Some of the attack mechanisms are physical ones like direct visual observation of monitor
displays to obtain access. The other most important attack mechanisms include the following:
o Getting one computer on a network to pretend to have the identity of another computer,
usually one with special access privileges, so as to obtain access to the other computers
on the network.
o Accessing a computer by pretending to have an authorized user identity
o Electronic monitoring of digital networks to uncover passwords or other data
o Overloading a system with lots of incoming message or other traffic to cause system
crash (Internet service saturation)

For the above first two attacks hackers employ tools like automatic password guessers that tries
millions of combination of characters in an effort to guess a computer’s password and
vulnerability testers that look for software weaknesses. But these crime tools can also be used as
valuable security tools for testing the security of computers and networks.

An increasingly common hacker tool that has gained widespread public attention is the computer
service saturator, used in denial-of-service attacks, which can shut down a selected or targeted
computer on the Internet by bombarding the computer with more requests than it can handle.
This tool first searches for vulnerable computers on the Internet where it can install its own
software program. Once installed, the compromised computers act like “zombies” sending usage
requests to the target computer.

If thousands of computers become infected with the software, then all would be sending usage
requests to the target computer, overwhelming its ability to handle the requests for service.
Another security concern that especially deals with an internet message involves spam messages
that are unsolicited email messages that consumes disc space, bandwidth and create other
inconveniences on the user.

A variety of simple techniques can help prevent computer crimes, such as protecting computer
screens from observation, keeping printed information (For example, about the computer’s
security features like passwords) and computers in locked facilities, backing up copies of data
files and software, and clearing desktops of sensitive information and materials. Increasingly,
however, more sophisticated methods are needed to prevent computer crimes. In the following
section important computer security mechanisms will be discussed.

7.2 Security mechanisms

Prepared by :Lingerew B. Page 5
 Introduction to computer science 2016

There are various ways that we can use to help protect our computer’s hardware, software and
data from numerous possible hazards. Since prevention is better and easier to deal with than
trying to cure after infection, most of the security mechanisms that would be discussed here deals
with prevention. All security mechanisms don’t solve all the security threats. Therefore, each of
the following security mechanisms will be treated with its respective threat type that would avert
it.

A. Back up

Is the most important security mechanism of all since computer systems can fail in number of
ways and the only way that we can restore the loss is from what we have stored as back up.
Storing backup copies of software and data and having backup computer and communication
capabilities are important basic safeguards because the data can then be restored if it was altered
or destroyed by a computer crime or accident. Computer data should be backed up frequently and
should be stored nearby in secure locations in case of damage at the main site. Transporting
sensitive data to storage locations should also be done securely.

B. Antivirus software

Is computer programs that attempt to identify, neutralize or eliminate malicious software.

Antivirus is so named because the earliest examples were designed exclusively to combat
computer viruses; however, most modern antivirus software is now designed to combat a wide
range of threats including worms, Trojan horses, other malwares and password theft attempts
like Phishing. The installation of well-designed and recent antiviral software can help prevent a
viral infection and thereby help stop its spread. Since new viruses and other threats are appearing
each day the antiviral software need also be updated regularly. The update mostly contains the
characteristics of the new viruses and threats.

Antivirus software typically uses two approaches to combat threats. The first one is examining
(scanning) files to look for known viruses; and the second one deals with a heuristic approach of
identifying suspicious behavior from any computer program that might indicate infection. Since
malicious programs enter into your computer though removable storages and a network, it is
recommended to scan before letting the files to enter into your computer.

A full computer scan is also highly advised. Though you have a recent and well-designed
antivirus software on your computer, you shouldn’t ignore being cautious to computer security
threat. The reason for this is that while an antivirus program alerts you to many viruses that may
find their way to your home computer, there will always be a lag between when a virus is
discovered and when anti-virus program vendors provide the new virus signature as an update.
This means that you shouldn’t rely entirely on your anti-virus program and must continue to
exercise care.

C. Fire wall

Prepared by :Lingerew B. Page 6

 Introduction to computer science 2016

Is a device or software that blocks unauthorized access to the single or network linked computers
based on a set of rules and other criteria. The firewall acts much like a guard when it looks at
network traffic destined for or received from another computer. The firewall determines if that
traffic should continue on to its destination or be stopped.

A firewall can reside on the administrative computer (the server) that acts as the local area
networks gateway to the Internet or it can be a dedicated computer placed between the local area
network and the Internet, so that the network is never in direct contact with the Internet. The
firewall also keeps track of every file entering or leaving the local area network in order to detect
the sources of viruses and other problems that might enter the network.

Computers connected to communication networks, such as the Internet, are particularly

vulnerable to electronic attack because so many people have access to them. These computers
can be protected by using firewall computers or software placed between the networked
computers and the network. The firewall examines, filters, and reports on all information passing
through the network to ensure its appropriateness.

D. Use of password and authentication methods

Another technique to help prevent abuse and misuse of computer data is to limit the use of
computers and data files to approved persons. Security software canverify the identity of
computer users and limit their privileges to use, view, and alter files. The software also securely
records their actions to establish accountability. It is also possible to give different levels of
access to the same type of data where some users can only be able to see the document while
others have the right to modify.

In a typical school scenario, for example, a teacher who prepare an exam can give the same exam
document to the fellow teacher teaching the same subject and the department head; where the
fellow teacher has the access to see and modify the exam document while the department head
(whom is supposed only to comment on it) has the access of only seeing the document.

This is all can be done using passwords. Passwords are confidential sequences of characters that
allow approved persons to make use of specified computers, software, or information. To be
effective, passwords must be difficult to guess and should not be found in dictionaries. Effective
passwords contain a variety of characters and symbols that are not part of the alphabet. To thwart
imposters, computer systems usually limit the number of attempts and restrict the time it takes to
enter the correct password.

In a certain work environment, using passwords and the associated authentication methods, it is
also possible to use a given personal computer among many users. In this case each user will
have his/her own user account and password; and hence it would be possible to share the
computer without compromising the safety of individual users’ data.

Prepared by :Lingerew B. Page 7

 Introduction to computer science 2016

Currently the use of passwords is being reinforced by other kinds of biometrics techniques like
the use unique personal characteristics, such as fingerprints, retinal patterns, facial
characteristics, or voice recordings.

E. Encryption

Another technique to protect confidential information is encryption. Computer users can

scramble information to prevent unauthorized users from accessing it. Authorized users can
unscramble the information when needed by using a secret code called a key. Without the key
the scrambled information would be impossible or very difficult to unscramble. Internet
communication has lots of loop holes and we can’t be sure if what we have sent for someone is
accessed by another, whom we didn’t address the message for.

Prepared by :Lingerew B. Page 8