Chapter Six
Computer Security
Introduction
Prevention is always better than cure, but if infection occurs in some way, we will also see some security mechanisms that help avert the
situation. Not all security mechanisms solve all types of computer security dangers.
Computer security refers to the set of techniques developed to help protect single and network-linked computers from accidental or intentional
harm.
A computer system can be damaged by accidental or intentional hardware and software malpractice.
Computer security also involves issues pertaining to human error, lack of training and criminal activities such as creating computer viruses and
attempts by unauthorized individuals to access confidential information.
There are four issues in Computer Security:
1. Availability: services must be accessible and available to properly authorized users.
2. Confidentiality: only the sender and the intended receiver should understand the message contents (i.e. the sender encrypts and the receiver decrypts the message).
3. Integrity: sender and receiver want to ensure messages are not altered without detection, and want to be able to prove that the sender did in fact
send the message.
4. Authentication: limiting access to only authorized users. Sender and receiver want to confirm the identity of each other.
Computer hazards range from the destruction of the computer hardware and hence loss of data due to natural disaster to the modification and theft
of confidential information on the computer.
Generally, hazards to the computers can be categorized into three major categories.
A. Physical hazards
B. Malicious programs
C. Hackers and Crackers
Introduction to computer and its application Chapter Six
A. Physical hazards
Damage to the computer’s hardware can be caused by a number of things:
o Accidents and natural disasters like fire and flood
o Catastrophic events
o Excessive heat
o Dust and moisture
o Power fluctuations
B. Malicious programs
Many malicious programs have been written to disrupt computer systems. The most important ones are the following:
I. A computer virus is a set of computer program instructions that attaches itself to a host program or file, copies itself and attacks a computer
system. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending
it over a network or the internet, or by carrying it on a removable medium such as a floppy disc, CD, or USB drive.
Types of viruses
Parasitic or file viruses infect executable files or programs that are identified by the extension .exe.
Bootstrap-sector viruses reside on the first portion of the hard disk or floppy disk, known as the boot sector. These viruses replace either the
programs that store information about the disk's contents or the programs that start the computer. Typically, these viruses spread by means of
the physical exchange of floppy disks.
Multi-partite viruses combine the abilities of the parasitic and the bootstrap-sector viruses, and so are able to infect either files or boot sectors.
These types of viruses can spread if a computer user boots from an infected diskette or accesses infected files.
Besides those mentioned above, there are also other types of viruses.
II. A worm is a malicious program similar to a virus, but it is a self-contained program that transports itself from one computer to another through
networks. Unlike a virus, a worm doesn’t need to attach itself to an existing program. While viruses corrupt or modify files on a computer,
worms copy themselves excessively and cause the computer to become extremely slow. Worms also harm the network by consuming its
bandwidth.
III. A Trojan horse is a program that pretends to be something interesting and harmless, such as a game, but when it runs it may have harmful
effects. Unlike viruses or worms, Trojan horse programs don’t replicate themselves. Instead, they might lie dormant for months before they are
activated and do something devious to the computer.
IV. A logic bomb is a piece of malicious program that delivers its instructions and causes damage when it is triggered by a specific condition, such as
when a particular date or time is reached or when a combination of characters is typed on a keyboard. Unlike a virus, a logic bomb does not
replicate itself.
There are also other types of malicious programs, the most prominent of which are spyware, which covertly gathers user information
through the user’s internet connection without his or her knowledge, and adware, a form of spyware that collects information about the user in order
to display advertisements in the web browser based on the information it collects from the user’s browsing patterns.
C. Hackers (crackers)
Hackers (crackers) are individuals who are well versed in computing and are engaged in various kinds of criminal activities ranging from writing
virus programs to data and identity theft. Initially the term hacker referred to individuals who were computer enthusiasts, loved to know a great deal
about computer systems, and were highly engaged in programming with no criminal intent. But with the advance of networking that followed, some of
these experts began to be involved in criminal activity such as stealing confidential information through a network.
Due to this, hackers argue that those who are involved in this kind of criminal activity should be called crackers. Although hackers still argue
this way, the media and the majority of the information technology community use the terms interchangeably.
Some of the attack mechanisms are physical ones, like direct visual observation of monitor displays to obtain access. The other most important
attack mechanisms include the following:
o Getting one computer on a network to pretend to have the identity of another computer, usually one with special access privileges, so as to
obtain access to the other computers on the network.
o Accessing a computer by pretending to have an authorized user identity
o Electronic monitoring of digital networks to uncover passwords or other data
o Overloading a system with lots of incoming messages or other traffic to cause a system crash (Internet service saturation)
For the first two attacks above, hackers employ tools like automatic password guessers that try millions of combinations of characters in an effort to
guess a computer’s password, and vulnerability testers that look for software weaknesses. But these crime tools can also be used as valuable security
tools for testing the security of computers and networks.
Security mechanisms
There are various ways to help protect our computer’s hardware, software and data from numerous possible hazards. Since
prevention is better and easier to deal with than trying to cure after infection, most of the security mechanisms discussed here deal
with prevention. Not all security mechanisms solve all security threats. Therefore, each of the following security mechanisms will be treated
together with the threat type that it averts.
A. Backup is the most important security mechanism of all, since computer systems can fail in a number of ways and the only way that we can
restore what was lost is from what we have stored as backup. Storing backup copies of software and data and having backup computer and
communication capabilities are important basic safeguards because the data can then be restored if it is altered or destroyed by a computer crime
or accident.
B. Antivirus software consists of computer programs that attempt to identify, neutralize or eliminate malicious software. Antivirus is so named because the
earliest examples were designed exclusively to combat computer viruses; however, most modern antivirus software is now designed to combat a
wide range of threats including worms, Trojan horses, other malware and password theft attempts like phishing.
Antivirus software typically uses two approaches to combat threats. The first one is examining (scanning) files to look for known viruses; and the
second one deals with a heuristic approach of identifying suspicious behavior from any computer program that might indicate infection.
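The two approaches side by side, as an added example that is not part of the original chapter. The signature names, byte patterns, behaviour names, weights and threshold are all constructed for illustration and do not come from any real antivirus product.

```python
# Signature database (constructed): label -> byte pattern known from a malicious file.
SIGNATURES = {
    "Constructed.FileInfector.A": b"\xde\xad\xbe\xef\x13\x37",
    "Constructed.BootSector.B": b"BOOT-REPLACER-v1",
}

# Heuristic weights (constructed) for behaviours this chapter attributes to malware.
BEHAVIOUR_WEIGHTS = {
    "writes_boot_sector": 5,
    "modifies_exe_file": 4,
    "copies_itself": 3,
    "opens_many_network_connections": 2,
}
HEURISTIC_THRESHOLD = 6


def signature_scan(data):
    """Approach 1: return the labels of every known signature found in the bytes."""
    return sorted(name for name, pat in SIGNATURES.items() if pat in data)


def heuristic_score(behaviours):
    """Approach 2: sum the weights of the distinct behaviours a program showed."""
    return sum(BEHAVIOUR_WEIGHTS.get(b, 0) for b in set(behaviours))


def verdict(data, behaviours):
    """Signature hits are reported by name; otherwise fall back to the heuristic."""
    hits = signature_scan(data)
    if hits:
        return "known: " + ", ".join(hits)
    if heuristic_score(behaviours) >= HEURISTIC_THRESHOLD:
        return "suspicious"
    return "clean"


# Constructed samples: a known file, a variant with one byte changed, a benign file.
known = b"MZ...." + SIGNATURES["Constructed.FileInfector.A"] + b"...."
variant = b"MZ....\xde\xad\xbe\xee\x13\x37...."
benign = b"plain text report"

if __name__ == "__main__":
    print(verdict(known, []))
    print(verdict(variant, ["modifies_exe_file", "copies_itself"]))
    print(verdict(benign, ["reads_document"]))
```

The variant no longer matches any signature, so only the behaviour-based check flags it; this is why scanners combine both approaches and why signature databases need regular updates.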
C. A firewall is a device or software that blocks unauthorized access to single or network-linked computers based on a set of rules and other
criteria. The firewall acts much like a guard when it looks at network traffic destined for or received from another computer. The firewall
determines if that traffic should continue on to its destination or be stopped. The firewall examines, filters, and reports on all information passing
through the network to ensure its appropriateness.
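How a rule set decides whether traffic continues or is stopped, as an added example that is not part of the original chapter. The rules, addresses (taken from documentation and private ranges) and the first-match, default-block policy are assumptions chosen for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional


class Rule(NamedTuple):
    action: str               # "allow" or "block"
    src: str                  # source network in CIDR form
    dst_port: Optional[int]   # None matches any destination port
    note: str                 # reason recorded in the report


# Constructed rule set for a small office network.
RULES = [
    Rule("block", "203.0.113.0/24", None, "known-bad range"),
    Rule("allow", "192.168.1.0/24", 22, "admin SSH from LAN"),
    Rule("allow", "0.0.0.0/0", 443, "public HTTPS"),
]
DEFAULT_ACTION = "block"      # traffic that no rule mentions is stopped


def decide(src_ip, dst_port, rules=RULES):
    """Return (action, reason) for one packet; the first matching rule wins."""
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        in_net = addr in ipaddress.ip_network(rule.src)
        port_ok = rule.dst_port is None or rule.dst_port == dst_port
        if in_net and port_ok:
            return rule.action, rule.note
    return DEFAULT_ACTION, "default"


def report(packets, rules=RULES):
    """Examine a list of (src_ip, dst_port) packets and log every decision."""
    lines = []
    for ip, port in packets:
        action, reason = decide(ip, port, rules)
        lines.append(f"{action.upper()} {ip} -> port {port} ({reason})")
    return lines


if __name__ == "__main__":
    # Constructed traffic sample.
    for line in report([("203.0.113.9", 443), ("192.168.1.20", 22),
                        ("198.51.100.7", 22), ("198.51.100.7", 443)]):
        print(line)
```

Rule order matters: if the public HTTPS rule were listed first, traffic from the blocked range to port 443 would be allowed before the block rule was ever consulted.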
E. Encryption
Another technique to protect confidential information is encryption. Computer users can scramble information to prevent unauthorized users from
accessing it. Authorized users can unscramble the information when needed by using a secret code called a key. Without the key the scrambled
information would be impossible or very difficult to unscramble. Internet communication has lots of loopholes and we can’t be sure whether what we
have sent to someone is accessed by another person, to whom we didn’t address the message.
Therefore, to combat this situation, individuals and organizations that have secret information to be sent on the network need to scramble it. In this
case, if the message is grabbed in the middle by some unauthorized people, they would need the secret key to decrypt the encrypted
message, which they would not have. But those to whom the message is addressed will have the key and can easily unscramble it.
In addition to the mechanisms mentioned above, there are some cautious approaches that need
to be taken into consideration. One of them deals with the source from which we get software. We should always use software that is from trusted
sources. Since the internet is the source of most computer security hazards, it is wise to browse cautiously.
One of the features of data on the computer, as compared to data on paper, is that it can easily be modified or altered without leaving much trace.
Therefore, in such situations, security software called an intrusion detection system, which detects and in some cases stops a variety of harmful
actions, has to be installed.