KYAMBOGO UNIVERSITY

P.O. BOX 1, KYAMBOGO – KAMPALA, UGANDA

Website: www.kyu.ac.ug

DEPARTMENT OF COMPUTER SCIENCE

BACHELORS OF INFORMATION TECHNOLOGY AND COMPUTING

COURSE UNIT: NETWORKING MANAGEMENT CONCEPTS AND SECURITY

TOPIC: CORRUPTED MOBILE CODES

GROUP 3 REPORT

NAMES REGISTRATION NUMBER SIGNATURE

WINENA JOANN JO 23/U/ITD/13522/PD
KAYOMBYA ATUHAIRE 23/U/ITE/06740/PE
KENNETH
NIMARO ISAAC 23/U/ITD/11124/PD
OTONG R GERALD 23/U/ITE/12239/PE
NAMBASSA REBECCA 24/U/ITD/545/GV
INGRID
NATUKUNDA FRIDAH 23/U/ITD/10896/PD
NGOONZI PRIMAH 24/U/ITD/1532/PD

AHAISIBWE KIZITO 23/U/ITD/03033/PD

SSEMPIJJA MARVIN 23/U/ITD/12698/PD
ISABIRYE ALEX 23/U/ITD/06012/PD
MUGABI FELIX 23/U/ITD/08218/PD
NYAMER LYNNETTE 23/U/ITD/11443/PD
MARIA
KINTU MOSES 23/U/ITE/06997/PE
INTRODUCTION:

This report briefly gives an overview of corrupted codes and malicious software (malware) giving
some of their types, how they emerged and their impact on the computer systems.

Corrupted Codes:

Corrupted Codes refer to the data that has been altered unintentionally or maliciously during
transmission or storage. This corruption can compromise the integrity and reliability of the data.

Malware:

Malware is any software intentionally designed to cause disruption to a computer, server, client,
or computer network, leak private information, gain unauthorized access to information or
systems, deprive access to information, or which unknowingly interferes with the user’s computer
security and privacy.

Types of Malware:

Virus: A virus is the most common type of malware that can execute itself and spread by infecting
other programs or files.

Worm: A worm can self-replicate without a host program and typically spreads without any
interaction from the malware authors.

Trojan Horse: A trojan horse is designed to appear as a legitimate software program to gain access
to a system. Once activated following installation, trojans can execute their malicious functions.

NOTE: These malicious programs steal, encrypt and delete sensitive data, alter or hijack core
computing functions, and monitor end users’ computer activity.

History of Malware:

The term malware was first used by computer scientist and security researcher Yisrael Radai in
1990. However, malware existed long before this.

One of the first known examples of malware was the Creeper virus in 1971, which was created as
an experiment by Raytheon BBN (formerly BBN Technologies) engineer Robert Thomas. Creeper
was designed to infect mainframes on ARPANET. While the program didn’t alter functions or steal

1
or delete data, it moved from one mainframe to another without permission while displaying a
teletype message that read, “I’m the creeper: Catch me if you can.”

Creeper was later altered by computer scientist Ray Tomlinson, who added the ability to self-
replicate to the virus and created the first known computer worm.

The concept of malware took root in the technology industry, and examples of viruses and worms
began to appear on Apple and IBM PCs in the early 1980s before becoming popularized following
the introduction of the World Wide Web and the commercial internet in the 1990s. Since then,
malware – and the security strategies to prevent it – have only grown more complex.

Similar programs to malware:

There are other types of programs that share common traits with malware but are distinctly
different. These include;

➢ Grayware.
➢ Browser hijackers.
➢ Tracking cookies.
➢ RATs.

Malware can infect networks and devices and is designed to harm those devices, networks and
their users in some way. Depending on the type of malware and its goal, this harm might present
itself differently to the user or endpoint. In some cases, the effect of malware is relatively mild and
benign, and in others, it can be disastrous.

Malware can typically perform the following harmful actions;

✓ Data exfiltration.
✓ Identity theft.
✓ Service disruption.
✓ Stealing resources.
✓ Data espionage.
✓ System damage.

NOTE: The purpose of this report is to define, classify, and explore historical implications of
viruses, trojan horses, worms, and corrupted codes.

2
Corrupted Codes:

Corrupted Codes refer to the data that has been altered unintentionally or maliciously during
transmission or storage. This corruption can compromise the integrity and reliability of the data.

Types of Corrupted Codes:

1. Transmission or Communication Errors:

Data corruption can occur during transmission when information is transferred across networks
and altered unintentionally due to network issues. Common types of corrupted codes in this
category include the following;

✓ Bit flipping, Packet Loss or Duplication.

2. Malicious Data Corruption (Intentional Attacks):

This occurs when an attacker intentionally corrupts data to exploit a system or disrupt services.
Some examples include;

✓ Man-In-The-Middle (MITM) Attack, Buffer Overflow Attack.

3. Corruption due to Software bugs or misconfigurations:

Software vulnerabilities or incorrect configurations in network protocols can introduce data

corruption during transmission or storage. These issues may arise unintentionally but can lead to
severe data integrity. Examples include;

✓ Protocol mismatch, File System Corruption.

4. Cryptographic Attacks:

Data encryption is used to protect information, but attackers may attempt to corrupt or manipulate
encrypted data to gain unauthorized access or cause disruption. Examples of these attacks include
the following;

✓ Cryptographic Integrity Attacks (Message modification), Reply Attacks.

3
Computer Viruses:

A Computer virus is a self-replicating malicious program that attaches itself to other programs or
files and can spread from computer to computer. Computer viruses can cause various types of
damage, ranging from slowing down system performance to deleting or corrupting files.

How viruses function.

➢ Self-Replication: Computer Viruses are capable of creating copies of themselves, allowing

them to spread and infect multiple systems.

➢ Infection Mechanisms: Computer viruses typically infect systems by;

✓ Attaching to executable files: When an infected file is executed, the virus code is also
executed.

✓ Infecting boot sectors: Computer viruses can infect the boot sector of a disk, ensuring that
they are executed when the system starts.

✓ Spreading through email attachments: Computer viruses can be attached to email

messages and spread when the infected attachment is opened.

Classification of Computer Viruses.

a. Polymorphic Viruses: These viruses can change their code to avoid detection by antivirus
software.

b. Macro Viruses: These viruses are embedded in documents or spreadsheets and execute when
the document is opened.

c. Stealth Viruses: These viruses attempt to hide their presence from detection by antivirus
software or other security tools.

d. Boot Sector Viruses: These viruses infect the boot sector of a disk ensuring that they are
executed when the system starts.

Trojan Horses:

Trojan horses are malicious programs disguised as legitimate software. Unlike viruses, trojan
horses do not self-replicate but rely on user interaction to spread. They often come bundled with

4
legitimate software or are presented as useful tools. Once installed, they can perform harmful
actions without the user’s knowledge.

Classifications of Trojan Horses.

a. Backdoor Trojans: These trojans create a backdoor on the infected system, allowing
unauthorized access to sensitive data or control over the system.

b. Banking Trojans: These trojans target online banking systems, stealing financial information
like login credentials and account details.

c. Spyware Trojans: These trojans secretly monitor user activity, collecting data such as
keystrokes, browsing history, and personal information.

d. Remote Access Trojans (RATs): These trojans give attackers remote control over the infected
system, allowing them to execute commands, steal data, use the system for malicious activities.

Mechanism of Spreading.

• Disguise: Trojan horses are often disguised as legitimate software, such as games. They may
use social engineering techniques to trick users into downloading and installing them.

• Exploitation: Some trojans exploit vulnerabilities in operating systems or applications to gain

access to system. Others may rely on user interaction, such as clicking on malicious links.

• Payload: Once installed, the trojan horse executes its malicious payload. This could involve
stealing data, installing other malware, or taking control of the system.

Worms:

Worms are self-replicating malicious programs that spread independently across computer
networks without human intervention. They exploit vulnerabilities in network protocols or
software to propagate themselves, often causing significant disruption and damage.

Classifications of Worms.

a. Internet Worms: These worms spread across the internet by exploiting vulnerabilities in
network protocols like HTTP, FTP, or SMTP. They can rapidly infect large numbers of
computers, overwhelming networks and services.

5
b. Email Worms: These worms spread through email attachments, often disguised as harmless
files. When an infected email is opened, the worm can execute and infect other computers on
the recipient’s network.

c. Instant Messaging Worms: These worms spread through instant messaging applications like
WhatsApp, Telegram, or Skype. They can exploit vulnerabilities in these applications or trick
users into clicking on malicious links.

Mechanism of Spreading.

Worms typically follow a self-replicating cycle:

• Infection: The worm exploits a vulnerability in a system or application to gain access.

• Propagation: The worm scans the network for vulnerable systems and attempts to infect
them, often using automated techniques.

• Replication: The worm copies itself to the infected system and may execute malicious
code.

• Persistence: The worm may attempt to persist on the infected system, making it difficult
to remove.

Signs and symptoms of malicious software on a computer

➢ Sudden loss of disk space.

➢ Unusual slowing of the computer system.

➢ Repeated system crashes or freezes.

➢ Changes in file names and sizes.

➢ Pop-up of unwanted messages and advertisements.

➢ Programs opening and closing by themselves.

➢ Changed browser settings and redirects.

➢ Disabled security features in firewalls and antivirus software.

6
Impacts of Malware on Network Security.

✓ Sensitive information compromised: Malware can steal confidential data, including

personal information, financial records, trade secrets, and intellectual property.

✓ Data encryption: Ransomware encrypts data, making it inaccessible until a ransom is

paid. This can lead to significant financial losses and disruption.

✓ System crashes: Malware can cause systems to crash or malfunction, leading to downtime
and productivity losses.

✓ Network congestion: Malware can consume network bandwidth, slowing down network
performance and impacting other users.

✓ Denial of Service (DoS) attacks: Some malware can launch DoS attacks, overwhelming
network resources and preventing legitimate users from accessing services.

How to prevent malware infections.

a. Use of antivirus software: Installing antivirus software is crucial when protecting network
devices and computers from malware infections as it detects and removes malicious programs.

b. Use of firewall: Users should enable or configure a firewall on their network router to monitor
and control incoming and outgoing network traffic. Firewalls can help block unauthorized
access and protect against the spread of malware.

c. Avoid dubious websites: Users should be selective when browsing online and avoid websites
that seem risky, such as those that offer screensavers for download.

d. Perform regular backups: Users should do regular offline backups to ensure the most recent
version of data can’t be breached but it is available to be recovered after a malware attack.

e. Keep software up-to-date: Regularly update operating systems, applications and security
software to patch vulnerabilities.

7
Recommendations

To prevent malware and corrupted code, it's essential to implement several key strategies. First,
install reputable antivirus and anti-malware software, and keep them updated with the latest threat
definitions. Regular system updates are critical to patch vulnerabilities in your operating system
and software. Use firewalls to block unauthorized access to your network, reducing malware risks.
Additionally, regularly backup data using both local and cloud storage solutions. Secure coding
practices are crucial if you're developing software, as they help prevent vulnerabilities. Educating
users on how to recognize phishing attacks, suspicious links, and unsafe downloads can
significantly reduce human errors that lead to malware infections.

If malware or corrupted code is detected, several remediation and recovery strategies should be
employed. Utilize specialized malware scanners to detect and remove infections, and conduct
thorough code reviews with version control systems to identify and rectify corrupted code.
Sandbox testing can help analyze suspicious files in a safe environment. Regularly monitor system
logs for unusual activity, and set up alerts for potential breaches. In severe cases, reinstalling the
operating system after backing up important data may be necessary. For recovery, use data
recovery tools or restore from backups if files are corrupted, and consult cybersecurity
professionals if the issue is complex. Having an incident response plan in place will ensure you're
prepared for future incidents.

8
Conclusion

Mobile corrupted codes pose significant risks to the security and functionality of devices,
potentially leading to data breaches, unauthorized access, and system failures. These issues often
arise from vulnerabilities in apps, unsafe downloads, or malicious software. Preventive measures
such as regular updates, secure coding practices, and user education are essential to minimize risks.
In the event of corruption, prompt remediation with tools like malware scanners, sandbox testing,
and system monitoring can help contain the damage. Ultimately, combining prevention, detection,
and recovery strategies ensures a more robust defense against the threats posed by mobile
corrupted codes.

9
References

1. https://www.datacore.com/ visited on 27th September,2024. At 6:23 pm.

2. https://www.essentialtech.com.au/blog/5-most-common-network-security-risks visited on
25th September, 2024. At 10:45 am.

3. https://finchumfixesit.com/ visited on 30th September, 2024 at 1:32.

4. https://techcommunity.microsoft.com/t5/windows-11/how-to-recover-data-from-a-
corrupted-hard-drive-on-windows-11/td-p/4091084 visited on 27th September,2024. At
4:48pm.

5. www.netacad.com visited on 2nd October, 2024 at 4:45 pm

6. https://www.shutterstock.com/search/corrupted-code visited on 2nd October, 2024 at 2:18

pm.

7. James Kurose, Keith Ross, (2020), Computer Networking: A Top-Down Approach &
Quote, NIST Publications, 7th Edition.

8. William Stallings, (2016), Network Security Essentials: Applications and Standards,

Pearson Publishers, 6th Edition.

9. William Stallings, Lawrie Brown, (2019), Computer Security: Principles and Practices,
Pearson, 4th Edition.

10