Explain different security threats, mentioning the need for network security
Various security threats in File System of OS:
The various security threats in file system of OS are Trojan Horse, Trap Door, Logic Bomb, Stack and Buffer Overflow and Viruses.
- Computer Security is the process of preventing and detecting unauthorized use of your computer.
- It involves the process of safeguarding against intruders from using your computer resources for malicious intents or for their own gains.
- A file virus attaches itself to an executable file, causing it to run the virus code first and then jump to the start of the original program.
- These viruses are termed parasitic, because they do not leave any new files on the system, and the original program is still fully functional.
- A Trojan Horse is a program that secretly performs some maliciousness in addition to its visible actions.
- Malware in a Trojan horse does not replicate itself, nor can it propagate without the end user's assistance since the user is often unaware that he has installed a Trojan horse.
- Unexpected changes to computer settings and unusual activity even when the computer should be idle are strong indications that a Trojan or other malware is residing on a computer.
- To avoid being infected by Trojan malware, users should keep their antivirus software up to date, never download files or programs from untrusted sources, and always scan new files with antivirus software before opening them.
Trap Door :
- A Trap Door is when a designer or a programmer (or hacker) deliberately inserts a security hole that they can use later to access the system.
- Because of the possibility of trap doors, once a system has been in an untrustworthy state, that system can never be trusted again.
- Even the backup tapes may contain a copy of some cleverly hidden back door.
- A Logic Bomb is code that is not designed to cause havoc all the time, but only when a certain set of circumstances occurs, such as when a particular date or time is reached or some other noticeable event.
- Logic Bomb is also called slag code, it is a programming code added to the software of an application or operating system that lies dormant until a predetermined period of time or event occurs, triggering the code into action.
- Logic bombs typically are malicious in intent, acting in the same ways as a virus or Trojan horse once activated.
- Viruses that are set to be released at a certain time are considered logic bombs.
- They can perform such actions as reformatting a hard drive and/or deleting, altering or corrupting data.
Stack and Buffer Overflow:
- This is a classic method of attack, which exploits bugs in system code that allows buffers to overflow.
- Stack based buffer overflows are one of the most common vulnerabilities. It affects any function that copies input to memory without doing bounds checking.
- A buffer overflow occurs when a function copies data into a buffer without doing bounds checking. So if the source data size is larger than the destination buffer size this data will overflow the buffer towards higher memory address and probably overwrite previous data on stack.
- A virus is a fragment of code embedded in an otherwise legitimate program, designed to replicate itself by infecting other programs, and eventually wreaking havoc.
- Viruses are more likely to infect PCs than UNIX or other multi-user systems, because programs in the latter systems have limited authority to modify other programs or to access critical system structures such as the boot block.
- Viruses are delivered to systems in a virus dropper, usually some form of a Trojan Horse, and usually via e-mail or unsafe downloads.
Please log in to add an answer.