An Experimental Page

From wiki.ucalgary.ca
Jump to: navigation, search

The Importance of Computer Security

Since the first time people invented internet until now, internet already to be a life need for everyday. The differences between Internet and the World Wide Web are: the Internet is a collection of interconnected computer networks, linked by copper wires, fiber-optic cables, wireless connections, etc.; the Web is a collection of interconnected documents and other resources, linked by hyperlinks and URLs. The World Wide Web is accessible via the Internet, as are many other services including e-mail, file sharing, and others described below (Walter Willinger, Ramesh Govindan, Sugih Jamin, Vern Paxson, and Scott Shenker, 2002).

The first internet was used in DARPA (Defense Advanced Research Projects Agency) for some top programs. However, at that time they did not call it as internet, but call it ARPAnet, which started to use in 1969; meanwhile other four Universities were also connected for testing and advancing this network. The late 1970s to the early 1980s, the network to flourish, many kinds of networks continually be invented, like MILNET, USENET, BITNET and CSNET. The size and number of networks has been a major development. Series of networks were established, but at the same time, there were many different needs of network. As the result, in 1980, TCP/IP agreement has been made, and started to use this agreement in 1982.

In 1986, United States National Science Foundation NSF funded to build a backbone network based on TCP/IP agreement, which linked several supercomputing center, major universities and research institutions. After the first internet was produced, the internet rapidly connects the world together. 1990s, with web technology and the emergence of the corresponding browser, the development and application of internet has been a new leap forward. From 1995, NSFNET started commercial operation. Since 1995, the number of Internet users’ exponential growth trends, the average was doubling every six months. As of May 2002, there are more than 580 million internet users in the world. Among them, there are about 182 million users in North America, and Asia-Pacific has about 168 million. As of July 2001, about 126 million global numbers of computers connected. Internet is still in excess of the rate of Moore's Law:

  • "Moore's Law is the empirical observation made in 1965 that the number of transistors on an integrated circuit for minimum component cost doubles every 24 months"(Electronics Magazine, 1965& Intel Corporation, 2005).

It was estimated that the number of Internet users worldwide will reach 1.3 billion in 2005, and then will reach 2.2 billion in 2010.

As more and more increasing of the technology level, computer crime is generally defined as any crime accomplished through special knowledge of computer technology. Increasing instances of white-collar crime involve computers as more businesses automate and the information held by the computers becomes an important asset. Some people stolen information or some internet crimes that use computer damage to get their goal, for example when vandals attack the computer itself, or when a "computer virus" (a program capable of altering or erasing computer memory) is introduced into a computer system.

As subjects of crime, computers represent the electronic environment in which frauds are programmed and executed; an example is the transfer of money balances in accounts to perpetrators' accounts for withdrawal. Computers are instruments of crime when they are used to plan or control such criminal acts. Examples of these types of crimes are complex embezzlements that might occur over long periods of time, or when a computer operator uses a computer to steal or alter valuable information from an employer.

Since the first cases were reported in 1958, computers have been used for most kinds of crime, including fraud, theft, embezzlement, burglary, sabotage, espionage, murder, and forgery. One study of 1,500 computer crimes established that most of them were committed by trusted computer users within businesses i.e. persons with the requisite skills, knowledge, access, and resources. Much of known computer crime has consisted of entering false data into computers. This method of computer crime is simpler and safer than the complex process of writing a program to change data already in the computer. Therefore, there is not only need to develop our technology on the computers, it seems that a high requirement for anti internet crime. There is also evidence that organized professional criminals have been attacking and using computer systems as they find their old activities and environments being automated (Mungo 11-12).

Computer virus is a computer program that deliberately written to infect computer operations, record, or delete data, or spread themselves to other computers throughout the Internet. Also, virus could slow down computer and cause other problems in process. Computer virus normally can be divided into a number of types as followed: Boot strap sector virus; File virus; Memory resident virus; Multi-partite virus; Stealth Virus; Macro Virus.

Boot sector viruses were common and very powerful in 90s. A boot sector strap virus hides and affects the boot sector of a hard disk. As a computer affect, the boot sector virus located in the operating system where all important information about the drive is stored. Because of the structure of design of DOS operating system, a virus is possible to load into memory by inserting its code into the boot sector during computer booting up. A boot virus was spread widely during the time when programs were stored and carried around on floppies. Every floppy was able to be interfered by computers which were infected with boot sector virus. The typical example of boot sector virus is Michelangelo virus. The virus is good at intruding computer’s partition table, boot sector and floppies’ boot sector, and would permanent set into memory. Michelangelo would be activated to destroy and erase all data in a computer on March 6th.

File viruses can infect executable files, for example EXE files, driver files or compressed files by inserting their code into some part of the original files, and are activated when the host program runs. After activation, the virus could spread itself to other executable files, but still continue executing original program so that user cannot be aware of the virus. CIH is one of the most harmful file viruses. CIH, also known as Chernobyl or Spacefiller, is a file virus written by Chen Inghau of Taiwan. It can infect the .EXE files of Windows95/98 system. After the virus happened, it will overwrite dangerous information on infected system drivers, and hard disk is unable to load original executable files. In addition, some CIH virus attempts to corrupt the system BIOS. CIH virus happens on 26th every month.

Multi-Partite virus combines the specialty of boot sector virus and file virus. It can infect .COM, and .EXE files, also has the ability to interfere the boot sector of a computer’s hard disk. Based on this character, multi-partite virus has incredible infection. Flip is an interesting example of multi-partite virus. It happens at the second day of every month. If users boot up computers with infected floppies or hard disks from 16:00pm to 16:59pm, the screen will flip over horizontally. It is the first computer virus that has fantastic function.

A stealth virus, which is also known as interrupt interceptors, is a virus that actively hides itself in memory after infecting the computer. Once the computer has been infected, the virus can use various tricks to appear that the computer has not lost any memory and the file size has not been changed. The virus may save a copy of original, uninfected data. When the anti-virus program attempts to approach the data that has been changed, the virus leads it to the original, uninfected data. The origination of stealth virus is Frodo, also known as 4096. It likes to infect .COM, .EXE and .OVL files. Its name means the size of infected file would increase 4,096 bytes. The computer will slowly run the program or file that has been infected because the FAT has been destroyed. Also, computer system will run improperly even dead from 22th September to 31th December.

Macro virus is a virus that is written in a macro language. It can infect many applications that support powerful macro language such as Microsoft Word and Excel. A series of actions will be activated when the application is started or some other program causes it. According to some estimates, 75% of all viruses today are macro viruses (Macro virus, 2006). A macro virus often spread out by e-mail. The most common virus is the Melissa virus which is determined as the fast spreading virus. Melissa virus is distributed as an e-mail attachment. Once a user opens the documents, computer is infected. The virus will be automatically resent to the first 50 people in the address list if user has Out-look program. However, Macro virus will not destroy or erase any files or data, it is able to cause internet or e-mail service overload. On Friday, March 26, 1999, Microsoft Corporation shut down incoming e-mail caused by Melissa virus. Intel and other companies also announce being infected (Melissa virus, 2006).

Currently, by the development of internet technology, a new kind of self-replicating computer program, Worm, is created. It distributes copy of itself to other nodes throughout internet. Unlike computer virus, it does not infect on a targeted computer. Worm always harms the network.

From information above, computer users has amount of reasons to worry about the computer virus, worm and black hackers, even they should not buy a computer because of those dangerous and harmful computer programs; but indeed, not buying a computer cannot be true, and is not necessary because people are creating “computer safeguards” to defense. “Months have passed, since our last buying guide for security suites, and change is in the air. Oh, the fundamental things apply: Computer users still need a firewall, antivirus, and antispyware.” (Rubenking, 2006)

In the book Technology in Action which written by Alan Evans, Kendall Martin & Mary Anne Poatsy, chapter seven is focusing on networking and security. The authors introduce about the protection tools. Firewall is the most useful staff to protect a computer. (It can defense the attacking from the internet only. If somebody is kicking the hardware, it is totally useless.) The word “firewall” comes from old times. In some densely cities, houses have been built very close, so only one fire can destroy a few houses. Then people used the materials which can slow or stop the fire to built walls. Those walls are the original firewalls. Nowadays, internet world is facing the same situation as the densely cities. Millions of computers are sticking together that more powerful to defense the attacking from the black hackers. One attacking can immediately affect on several computers. The internet firewalls are protecting the computers as their ancestors were protecting the houses.

There are two different kinds of firewalls, which are software firewall, and hardware firewall. “Firewalls protect [a computer] in two major ways: by blocking access to logical ports, and by keeping [a] computer’s network address secure.”(Evans, Martin & Poatsy, 2006) Both software and hardware firewalls are working by those two major ways. Most of computers are using software firewalls, such as Norton Personal Firewall, McAfee Firewall, ZoneAlarm and BlackICE PC Protection. Those firewalls are just like the other software. They have been installed in the computers and when the computers are under attack, software firewall will let the users know and block the black hackers out. Hardware firewall is also easy to use. A router is the best example of a hardware firewall. After a router has been used, all the computers that are working under this router will have a new IP address. This means that all the computers’ IP addresses will be hided by the router’s IP address. A black hacker is using the IP address to locate the target computer. When this hacker is trying to attack a computer that is working under a router, this person can only find the router’s IP address but not the computer’s IP address. Then the computer is safe.

When a virus has been already installed in a computer, firewall can do nothing to that. Antivirus software is what can clear the viruses from a computer. If a computer wants to always be clean, it should run the antivirus software at least once a week. Because antivirus software catches the viruses by the signatures, it cannot clean those new viruses that it does not know. The computer engineers in the software companies are always improving their products, so the computer users had better to update their antivirus software on time.

The internet engineers are working hard to keep the internet in security. The governments of different countries and unions are also creating their laws for internet using. Nowadays, hacker’s action that causes damage to computers or internet services are illegal in most of the countries in the world. Perfect and mature laws make a lot of hackers stop their job, because breaks the internet security is not only a mischievous prank. That is a crime. In the journal Recent Events in EU Internet Law which written by Van Eecke, P. and Truyens, M, The authors shows some information that how does the Internet laws in the European Union develop:

  • "A legal study has been conducted in business-to-business electronic markets to control unfair practices. The Amsterdam Court of Appeal has denied a request regarding the identification of subscribers who participated in KaZaA P2P file sharing. Data protection rules regarding processing of personal data by public bodies have been reframed under the directive of the European Commission."(2006)

After all the people realize that steal information from others computer is the same as steals money from other’s pocket, the internet world will become safer.

Internet security is a problem and is also a big market. The war between the security software companies is already starting. According to the article Security Software Wars written by Narasu Rebbapragada, the author mentions the competition. “Symantec's Norton Internet Security 2007 recommends that users uninstall anti-spyware competitors such as Safer Networking's Spybot-Search & Destroy and Webroot's Spy Sweeper. Safer Networking has cried unfair competition, but Symantec says that its recommendation was prompted by software conflicts among apps with real-time protection.” (Rebbapragada, 2006) That is maybe good news to millions of computer users, because they can spend less and get better service by the competition.









References:

Computer virus. (2006, December). Wikipedia. Retrieved December 6, 2006, from http://en.wikipedia.org/wiki/Computer_virus#Macro_virus

Cramming more components onto integrated circuits (PDF) pp. 4. Electronics Magazine (1965). Retrieved on Nov 11, 2006.

Evans, A., Martin, K., & Poatsy, M. A.. (2006). Technology in Action.

Excerpts from A Conversation with Gordon Moore: Moore’s law (PDF) pp. 1. Intel Corporation (2005). Retrieved on May 2, 2006 Journal of Internet Law. 10(5), P26-P27.

Macro virus. (2006). Webopedia. Retrieved December 7, 2006, from http://www.pcwebopaedia.com/TERM/M/macro_virus.htm

Melissa (computer worm). (2006, October). Wikipedia. Retrieved December 6, 2006, from http://en.wikipedia.org/wiki/Melissa_virus

Melissa virus. (2006). Searchsecurity. Retrieved December 6, 2006, from http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213491,00.html

Mungo, Paul, and Clough, Bryan. Approaching Zero: The Extraordinary Underworld of Hackers, Phreakers, Virus Writers, and Keyboard Criminals, New York: St. Martin's, 1993. New Jersey: Pearson Prentice Hall.

Rebbapragada, N.. (2006 Dec). Security Software Wars. PC World. 24(12), P92.

Rubenking, N. J.. (2006 May 12). Security Suites. PC Magazine. 25(22), P60-P62.

Van Eecke, P., & Truyens, M.. (2006 Nov). Recent Events in EU Internet Law.

Walter Willinger, Ramesh Govindan, Sugih Jamin, Vern Paxson, and Scott Shenker. (2002). Scaling phenomena in the Internet. In Proceedings of the National Academy of Sciences, 99, suppl. 1, 2573 – 2580.