Sunteți pe pagina 1din 19

1

TERM PAPER OF CSE-404

Topic:-Threats

Submitted to Submitted by

Mr. Kiran kumar Brishabh singh


Reg no-7450070146
Roll no-34
Section –RA17B1
2

INDEX

Abstract---------------------------------------------------------------------------------3

Introduction---------------------------------------------------------------------------3-4

Sources of Threats-------------------------------------------------------------------5

How threats spread------------------------------------------------------------------5

Types of Computer Security Threats--------------------------------------------6-10


Some important concepts about these threats--------------------------------10-11

Threat Category Weighted -------------------------------------------------------11-11

Tips to protect yourself from malware----------------------------------------12-14

Backup-------------------------------------------------------------------------------14-16
The top 10 computer security threats-----------------------------------------16

Removal of Security Threats---------------------------------------------------16

Conclusion-----------------------------------------------------------------
---------------17

Reference------------------------------------------------------------------
---------------18
3

Abstract:

As Internet and e-mail become an ever-increasing part of our 21st-century lives, the myriad
dangers and risks that come with them are increasing too. Make sure you know how to deal with
the threats that face us. Security planning is a complex and demanding discipline because of the
variety of techniques available for attackers to breach the information security defenses of an
organization. The problem is that security plans often focus exclusively on technical
countermeasures. However, the human approach termed “social engineering” is often neglected.
These attacks are difficult to deal with because the targets may not even realize they are being
attacked. The popularity of internet aggravates the threat and gives the virus writers the ideal
environment to distribute their viruses, since computer viruses can spread through the universe in
a few hours causing distractions to hundreds of thousands of computers around the globe. An
abbreviated idea about computer virus nature, history and development, the damage caused by
some well known viruses and the different types of computer viruses is explained, also virus
writers types, motivations, their point of view towards ethical and legal issues, and the effect of
legal penalties on their practice is explained .

1. Introduction

Thereat is defined as a computer program, a person, or an event that violates the security system.
A threat causes loss of data and attacks the data privacy. Most of the data of an organization
stored inside the computer in very important and more valuable than the computer hardware and
software. It can be damaged due to many reasons. You must protect your data from illegal access
or from damage.

Information systems are quickly becoming the most important tool for facilitating and supporting
business activities. Our reliance on these systems means that vast quantities of sensitive and
potentially valuable information is created, stored and used by them. The number of technical
attacks on these systems has seen an explosive growth ever since their inception, resulting in a
myriad of technical safeguards being developed and implemented to stop them. While these
safeguards can prevent physical attacks on hardware and software if configured correctly, they
cannot control the human element of security. It’s a widely accepted belief that people are the
weakest link in any security framework, and this is where social engineering represents a threat.
The keyword here is lying, as attacks of this nature exploit common human behavior by praying
upon the “credulity, laziness, good manner or even enthusiasm of your staff” (Microsoft, 2006).
This notion is supported by many in the security industry.

If a firewall was breached due to poor configuration, the person who configured it will most
likely face some form of reprimand, but in many cases this will be far less embarrassing than
admitting that someone tricked you into giving away the root password to some random person
over the phone.

Cyber criminals have displayed great interest in the activity of state structures and commercial
enterprises. They make attempts at theft and disclosure of confidential information, doing
4

damage to business reputations, breaching business continuity, and consequently breach an


organization's information resources.

It is not big companies alone who are at risk. Individual users can also be attacked. Using
various tools, criminals gain access to personal data (bank account and credit card numbers and
passwords), cause your system to malfunction, or gain complete access to your computer. Then
that computer can be used as part of a zombie network, a network of infected computers used by
hackers to attack servers, send out spam, harvest confidential information, and spread new
viruses and Trojans.

In today's world, everyone acknowledges that information is a valuable asset and should be
protected. At the same time, information must be accessible for a certain user group (for instance,
employees, clients and partners of a business). This is why there is a need to create a
comprehensive information security system.

Today, malicious programs propagate so quickly that antivirus companies have to release
updates as quickly as possible to minimize the amount of time that users will potentially be at
risk. Unfortunately, many antivirus companies are unable to do this - users often receive updates
once they are already infected.

USB flash drive:is widely used for storing and transmitting information. It is also an important
transmission route of threats. However, few antivirus products can provide 100% protection against any
threats via USB drive, especially for offline computer that is not connected to Internet. This is why there
is a need to develop a security system to protect computers against any threats via USB drive. Fortunately,
USB Disk Security provides a best solution to solve the problem.

The following are the main threats to data security

• Some authorized user of the data may unintentionally delete or change sensitive data.
There are two solutions to this problem.
• Firstly, the users must be assigned proper rights to minimize such events. Only the
authorized user with certain rights may be allowed to delete or modify data after
following a step-by-step process.
• Secondly, periodic backup of data should be taken to recover the deleted data.
• A proper password protection should be used to use any resource. A log file should also
be maintained to keep track of all the activities performed on the data.
• Some strong encryption algorithm should be used, so that if any one gets access to the
data, he could not be able to make any sense out of it.
• Latest antivirus software should be used to scan all data coming into the organization.
• Computers and all backing storage devices should be placed in locked rooms. Only
authorized users can access these resources.
• Authorized users must be asked to change their passwords periodically.
5

2. Sources of Threats
A person, a group of people, or even some phenomena unrelated to human activity can serve as
an information security threat. Following from this, all threat sources break down into three
groups:

The human factor. This group of threats concerns the actions of people with authorized or
unauthorized access to information. Threats in this group can be divided into:

• External, including cyber criminals, hackers, internet scams, unprincipled partners, and
criminal structures.
• Internal, including actions of company staff and users of home PCs. Actions taken by this
group could be deliberate or accidental.

The technological factor. This threat group is connected with technical problems - equipment
used becoming obsolete and poor-quality software and hardware for processing information. This
all leads to equipment failure and often to data loss.

The natural-disaster factor. This threat group includes any number of events brought on by
nature and other events independent of human activity.

3. How threats spread ?

As modern computer technology and communications tools develop, hackers have more
opportunities for spreading threats. Let's take a closer look at them:

The Internet :
The Internet is unique, since it is no one's property and has no geographical borders. In many
ways, this has promoted development of countless web resources and the exchange of
information. Today, anyone can access data on the Internet or create their own webpage.
However, these very features of the worldwide web give hackers the ability to commit crimes on
the Internet, making them difficult to detect and punish as they go.

USB flash drives:


USB flash drives are widely used for storing and transmitting information.
When you use a USB disk that has malicious programs on it, you can damage data stored on your
computer and spread the virus to your computer's other drives or other computers on the network.

Types of Computer Security Threats

This page provides basic information on computer security threats. The computer security threats
covered here are:
6

• Viruses
• Trojan Horses
• Worms
• Zombies
• Phishing
• Internet Based Attacks
• Viral Web Sites
• Spyware, Adware and Advertising Trojans
• Virus Hoaxes
• Unsecured Wireless Access Point
• Bluesnarfing
• Social Engineering
• Microsoft Office Document Metadata

Viruses

A software virus is a parasitic program written intentionally to alter the way your computer operates
without your permission or knowledge.
A virus attaches copies of itself to other files such as program files or documents and is inactive until you
run an infected program or open an infected document. When activated, a virus may damage or delete
files, cause erratic system behaviour, display messages or even erase your hard disk.
A virus may spread through email and instant messenger attachments, through infected files on floppy
disks or CD-ROMs, or by exploiting a security flaw in Microsoft Windows.

Virus Structure

Computer viruses could have two parts at least (search and copy routines) or more depending on how
sophisticated it might be, the additional parts will give it a unique characteristic(Ludwing,2002, p.23-24):
Search routine: this routine responsibility is to find a stabile target for infection.

Copy routine: to be able to infect the target which was found by search routine, the virus must copy itself
to the target and this is the copy routine responsibility.

Anti-detection routine: this could be part of the search or copy routines or it could be a stand alone
routine, the mission of this routine is to avoid detection either by the user or the anti-virus programs.

Payload routine this routine vary depending on it’s porous, it could be a joke, destructive or perform a

useful task.
7

Trojan Horses:

Trojan horses are programs that appear to serve some useful purpose or provide entertainment, which
encourages you to run them. But these programs also serve a covert purpose, which may be to damage
files, to place a virus on your computer or to allow a hacker to gain access to your machine. More
commonly these days, you can be enticed into running a Trojan by clicking a link on a viral web site or in
an email.
Trojans that allow a hacker to gain access to your machine, called Remote Access Trojans (RATs), are
particularly prevalent at the moment. Over 50% of all spam (unsolicited email) is sent from home or work
computers that have been compromised by RATs.
A Trojan horse is not a virus because it does not replicate and spread like a virus.

Worms:

Worms are programs that replicate and spread, often opening a back door to allow hackers to gain access
to the computers that they infect.
Worms can spread over the Internet by expoiting security flaws in the software of computers that are
connected to the Internet. Worms can also spread by copying themselves from disk to disk or by email.

Zombies:

A Zombie is a dormant program that lies inactive on a computer. It can be activated remotely to aid a
8

collective attack on another computer. Zombies don’t normally damage the computer on which they
reside but can damage other computers.
Zombies often arrive as email attachments and when the attachment is opened they install themselves
secretly and then wait to be activated.

Phishing:

A Phishing attack is when you are are sent an email that asks you to click on a link and re-enter your bank
or credit card details. These emails can pretend to be from banks, Internet service providers, on-line stores
and so on, and both the email and the web site it links to appear genuine. When you enter your bank or
credit card details they are then used fraudulently.

Internet Based Attacks:

While your computer is connected to the Internet it can be subject to attack through your network
communications. Some of the most common attacks include:

• Bonk – An attack on the Microsoft TCP/IP stack that can crash the attacked computer.
• RDS_Shell – A method of exploiting the Remote Data Services component of the Microsoft Data
Access Components that lets a remote attacker run commands with system privileges.

• WinNuke – An exploit that can use NetBIOS to crash older Windows computers.

Viral Web Sites:

Users can be enticed, often by email messages, to visit web sites that contain viruses or Trojans. These
sites are known as viral web sites and are often made to look like well known web sites and can have
similar web addresses to the sites they are imitating.
Users who visit these sites often inadvertently download and run a virus or Trojan and can then become
infected or the subject of hacker attacks.

Spyware, Adware and Advertising Trojans:

Spyware, Adware and Advertising Trojans are often installed with other programs, usually without your
knowledge. They record your behaviour on the Internet, display targeted ads to you and can even
download other malicious software on to your computer. They are often included within programs that
you can download free from the Internet or that are on CDs given away free by magazines.

Spyware doesn’t usually carry viruses but it can use your system resources and slow down your Internet
connection with the display of ads. If the Spyware contains bugs (faults) it can make your computer
unstable but the main concern is your privacy. These programs record every step that you take on the
Internet and forward it to an Ad Management Centre which reviews your searches and downloads to
determine your shopping preferences. The Ad Management Centre will build up a detailed profile of you,
without your knowledge, and can pass this on to third parties, again without your knowledge. Some
Spyware can download more serious threats on to your computer, such as Trojan Horses.
9

Virus Hoaxes:

Virus hoaxes are messages, usually sent by email, that amount to little more than chain letters. They
pretend to alert you to the latest "undetectable" virus and simply waste your time and Internet bandwidth.
The best course of action is to delete these hoaxes - they can cause genuine fear and alarm in the disabled,
elderly and other vulnerable groups.

Unsecured Wireless Access Points:

If a wireless access point, e.g. an ADSL (Broadband) Router, hasn't been secured then anyone with a
wireless device (laptop, PDA, etc) will be able to connect to it and thereby access the Internet and all the
other computers on the wireless network.

Bluesnarfing:

The act of stealing personal data, specifically calendar and contact information, from a Bluetooth
enabled device.

Social Engineering:

Tricking computer users into revealing computer security or private information, e.g. passwords,
email addresses, etc, by exploiting the natural tendency of a person to trust and/or by exploiting a
person's emotional response.

Example 1: Spammers send out an email about victims of child abuse and provide a link to click in the
email for further information or to help the victims. When the link is clicked the spammers know the
email address is "live" and add it to their live list which they then use to target their spam.
Example 2: A company computer user is tricked into revealing the network password by someone on the
telephone who is impersonating the voice of an employee in authority and who has a story of distress.

Microsoft Office Document Metadata:

The average Microsoft Word, Excel, etc document includes hidden metadata with details of who created
it, who has worked on it, when it has been amended and quite possibly the text of all those changes as
well. Viewing a Word document in a text editor can reveal the metadata in plain text at the start and finish
of the document.

4. Some important concepts about these threats


10

What is the difference between a virus and a worm?

A virus is a program that replicates, i.e. it spreads from file to file on your system and from
PC to PC. In addition, it may be programmed to erase or damage data.
Worms are generally considered to be a subset of viruses, but with certain key
differences. A worm is a computer program that replicates, but does not infect other files.
Instead, it installs itself once on a computer and then looks for a way to spread to other
computers.
In the case of a virus, the longer it goes undetected, the more infected files there
will be on the computer. Worms, however, create a single instance of their code. Moreover,
unlike a virus, a worm code is stand-alone. In other words, a worm is a separate file while a
virus is a set of code which adds itself to existing files.

What is a TROJAN and where did the name come from?

The term Trojan refers to the wooden horse used by the Greeks to sneak inside the city of Troy and
capture it. The classic definition of a Trojan is a program that poses as legitimate software but when
launched will do something harmful. Trojans can't spread by themselves, which is what distinguishes
them from viruses and worms.

Today, Trojans are typically installed secretly and deliver their malicious payload without your
knowledge. Much of today’s crimeware is comprised of different types of Trojans, all of which are
purpose-built to carry out a specific malicious function. The most common are Backdoor Trojans (often
they include a keylogger), Trojan Spies, password stealing Trojans and Trojan Proxies that convert your
computer into a spam distribution machine.

What is a DoS attack? What is a DDoS attack?

A Denial-of-Service (DoS) attack is designed to hinder or stop the normal functioning of a web site,
server or other network resource. There are various ways for hackers to achieve this. One common
method is to flood a server by sending it more requests than it is able to handle. This will make the server
run slower than usual (and web pages will take much longer to open), and may crash the server
completely (causing all websites on the server to go down).

A distributed-Denial-of-Service (DDoS) attack differs only in the fact that the attack is conducted using
multiple machines. The hacker typically uses one compromised machine as the ‘master’ and co-ordinates
the attack across other, so-called ‘zombie’, machines. Both master and zombie machines are typically
compromised by exploiting a vulnerability in an application on the computer, to install a Trojan or other
piece of malicious code.

Spoofing
11

Spoofing is a technique used to hide identity of traffic originator or assume identity of trusted entity or
fooling a computer into believing which actually you are not. The most common spoof is email where a
hacker pretend to be a different internet address from the one you have just to gain his/her credit card no,
passwords, personal information or to theft any identity. Spoofing normally involves sending many
packets/messages pretending to be a real legitimate person and spoofed IPs are very hard to back track.
There are many different types of spoofing, such as

▪ IP addresses, MAC addresses changing attacks


▪ Link alteration
▪ DNS server spoofing attack
▪ Content theft
▪ E-mail address changing attack

5. Threat Category Weighted Ranking

Deliberate Software Attacks 2178


Technical Software Failures or Errors 1130
Act of Human Error or Failure 1101
Deliberate Acts of Espionage or Trespass 1044
Deliberate Acts of Sabotage or Vandalism 963
Technical Hardware Failures or Errors 942
Deliberate Acts of Theft 695
Forces of Nature 611
Compromises to Intellectual Property 495
QoS Deviations from Service Providers 434
Technological Obsolescence 428
Deliberate Acts of Information Extortion 225

Your computer could be at risk if your:

Firewalls: Are disabled and not properly working

Security Updates: Are not up-to-date

Antivirus Software: Is not up-to-date or from a trusted


source

Password: Is weak, especially for network


security
12

6. Tips to protect yourself from malware

Be mindful of what you are clicking on

Many websites that hosts harmful content will use banners and pop up advertisements, pretending to be
an error messages or offering you a prize. When you visit these sites harmful content is downloaded into
your computer. Avoid being tempted in the first place.

Be aware of what you are downloading

Don't download software from a website that's full of advertisements, or listings of 'free' programs, these
are often fake files. Be cautious and question them, scan them with security software prior to opening or
only download programs from reputable or corporate websites.

Purchase security software

Many users are not aware that using pirated software can not protect user's computer against threats and
the pirated software from unauthorized third parties may contain viruses.

Be careful before you open your removable media

Many malicious programs attack your computers and spread via USB storage. USB Disk Security can
protect your computer against any threats via removable media.

Update Windows when prompted

Microsoft release updates for Windows regularly. They include important security patches and tools.
Install them when prompted to patch up security gaps in your operating system, browser or third party
software.

Take extra care when using Peer-To-Peer programs

Since files shared on P2P networks are not policed. Anyone can release anything they want via this
medium. As such get into the habit of scanning the files you downloaded before running/executing them.

Accept incoming files when you expect them and from people that you know

Some threats have the ability to infect machines and automatically send copies of themselves to that
user's contact list. It may appear that your friend is sending you a file but it may turn out to be a
malicious program propagating itself.

Know your File Formats

Images usually come in .jpg .jpeg .png .bmp .gif .tif formats. Executables come in .exe .bat .com .dll
formats. If someone says they are sending you a photo but the file ends with .exe or .com, please do not
open it. They're obviously mistaken or potentially endangering you.

Be aware of what's happening


13

There are various places to seek for help and learn more about your computer. It pays to be
knowledgeable on your computer, as malicious threats often take advantage of those who are unaware of
what's happening.

The key information sought in this study is the identification and ranking of
threats to information security. This list presents the result of the study with
each category’s corresponding ranking.
14

Backup

User interface elements in User Profile

• Start menu, taskbar, toolbars, desktop shortcuts, the desktop background,


and Active Desktop items.
• My Documents
• My Music
• Media play lists maintained by Windows Media Player, Real Player, etc.
• My Pictures
• My Download files (containing drivers and installation programs)
• Favorites
• Cookies (to avoid looking up all passwords again)
• Preferences set from inside each Application GUI
15

Other

• Email text
• Application data files and databases (Quicken, TurboTax, etc.).

In the Applications Data\Microsoft\ folder:

• Address Book \ %user%.wab and .wa~ backup file.


• Proof\custom.dic Spell Check custom dictionary.
• Excel\XLSTART spreadsheets shown at startup.
• Templates such as Normal.dat used by Word.
• Media Player presets and play lists.

System State data

• Registry settings
• Component Services (COM+) Class Registration database
• System boot/start-up files (CONFIG.SYS, AUTOEXEC.BAT, CONFIG.NT, etc.)
• Performance counter configuration information
• Certificate Services database (if the computer is a certificate server)
• Active Directory service and SYSVOL folder (if the computer is a Domain
Controller)
• resource registry checkpoints and the quorum resource recovery log (if the
computer is part of a Cluster)
• DNS zone information (DS integrated and non-DS integrated) (if the computer
is a DNS server)

On a SQL Server

Types of MS-SQL data should be backed up:

• User databases -- There is more than one type of production database


• The master database -- It is important to include backup the master
database. Master cannot be separated from its transaction log so they have
to be backed up together.
• The MS-SQL msdb database
• The MS-SQL msdb database supports the SQL Executive service provides a
storage area for scheduling information. Because setup installs msdb
database and its transaction log on separate devices they can be backed up
separately.
• The distribution database (replication)
• Distribution servers need to be included.
16

7. The top 10 computer security threats for 2008

The 2008 Olympics is likely to spur a flurry of hacker activity, says Websense Inc, which
specializes in web filtering and security software, releasing the top ten computer security threats
for 2008.

“Looking at the current attack trends, cyber criminal techniques are evolving quickly and
efficiently to not only evade detection, but to steal data and manipulate trusted content such as
Web sites and applications," said Dan Hubbard, vice president of security research, Websense, in
a media release. "It's critical that organizations and individuals recognize that attackers are
changing techniques and launching targeted attacks."

The top 10 security threats are:

1. Olympics: New cyber attacks, phishing and fraud


2. Malicious spam invades blogs, search engines, forums and Web sites
3. Attackers use Web's 'weakest links' to launch attacks
4. Number of compromised Web sites will surpass number of created malicious sites
5. Cross-platform Web attacks: Mac, iPhone popularity spurs increase
6. Rise in targeted Web 2.0 special interest attacks: Hackers targeting specific groups of people
based on interests and profile
7. Morphing JavaScript to evade anti-virus scanners
8. Data concealment methods increase in sophistication
9. Global law enforcement will crack down on key hacker groups and individuals
10.Vishing and voice spam will combine and increase
11. Removal of Security Threats

 Example of how to remove a Sasser Worm:


 1.) Disconnect from local internet connection
 2.) Close the running program
 3.) Activate Windows Firewall
 4.) Download and Install Patches from Microsoft Website
 5.) Delete all infected files
 6.) Reboot your computer
17

11. Conclusion

• Every day, organizations spend fortunes on the latest in high-tech security but fail to
consider the small and simple tricks that social engineers employ to their advantage. One
problem facing these organizations is the never-ending pursuit of being able to do things
faster and cheaper, which often means that obvious risks are overlooked, eventually
rendering multi-million dollar technologies useless. An attacker will always follow the
path with the least amount of obstacles in it, while some organizations spend a lot of
resources planning for unrealistic and catastrophic scenarios.
• On the other end of the scale, you have organizations that neglect security all together.
Mitnick believes it’s a money issue more than anything else, by stating that “a lot of
businesses out there don’t see the return on investment, they look at it [security] as a
liability, and until they can understand that proactive security actually returns, gives them
a return on investment, it’s still a hard sell for people” (Mitnick & Simon, 2003). It’s
important for both security managers and employees to challenge this mindset, as security
can pay off in the long run, but only if it’s done right.

• One can argue if combating social engineering is even possible, since there will always
be users that are susceptible to a well-written scheme. The product of a well-executed
security strategy will never be perfect because there is no such thing as perfect security.
However, education and consequently increased user awareness can produce positive
results in the long run, but only if it’s able to keep users informed and updated on the
risks they face. Education through security awareness training is perhaps the most
important tool for combating these attacks. The key is to create awareness that empowers
your employees to recognize and thwart social engineers before they become a threat.
Furthermore, these training programs need to be dynamic and focus on continuous
improvement to ensure a return on the investment for the organization.
• Many in our generation grew up with comics and cartoons. Their heroes and their ideals
helped shape our mindset on many subjects. In relation to warfare, G.I. Joe was the one
who taught us that “knowing is half the battle”. One can argue that he is correct, as
knowledge does equal power in the case of combating social engineers. We now know
that social engineering is a serious threat in today‟s environment. With the vast quantities
of information organizations strive to protect, security has never been a more relevant
topic. We‟ve illustrated that threats that are often ignored can potentially cause
irreparable damage. But there is hope: there are many techniques organizations can take
into consideration when designing their defenses. Hopefully this knowledge can be used
to help mitigate the risks posed by these kinds of attacks. In closing, in order to
effectively implement a security strategy, a multi-layered framework should be utilized.
Even though technical counter-measures are an important aspect, it‟s important to
prioritize the human element of security, as your employees in most cases are both your
first and only line of defense.
18

12. References
http://www.microsoft.com/protect/computer/basics.mspx

http://www.tech-faq.com/internet-bots.shtml

http://antivirus.about.com/b/2006/05/31/whats-a-trojan-horse-virus.htm

http://www.pchell.com/virus/sasser.shtml

Goodchild, J. (2010, January 11). Social Engineering: The Basics. Retrieved May 15, 2010, from
CSO Online:
http://www.csoonline.com/article/514063/Social_Engineering_The_Basics

King, B. (2006). The Lying Ape: An Honest Guide to a World of Deception. Icon Books
Limited.

Kotadia, M. (2004, November 1). Greatest security risk: Social engineering, says Gartner.
Retrieved May 14, 2010, from ZDNet Australia:
http://www.zdnet.co.uk/news/security-management/2004/11/01/greatest-security-risk-social-
engineering-says-gartner-39172157/

Microsoft. (2006, August 18). How to Protect Insiders from Social Engineering Threats.
Retrieved May 10, 2010, from Microsoft TechNet Library – Security Business Guidance:
http://technet.microsoft.com/en-us/library/cc875841.aspx

Mills, E. (2008, June 20). Social Engineering 101: Mitnick and other hackers show how it’s
done. Retrieved May 20, 2010, from CNET News:
http://news.cnet.com/8301-1009_3-9995253-83.html

http://www.usdoj.gov/criminal/cypercrime/melissaSent.htm Accessed 5th May 2003.


Cronkhite, C. and McCullough, J. (2001) Access Denied :The Complete Guide to Protecting
Your
Business Online. Osborne: McGraw-Hill..
Dwan, B.(2000) “The Computer Virus –– From There to Here.: An Historical Perspective”
Computer
Fraud & Security, 2000(12),pp. 13-16
Gordon, S. (1994). “The Generic Virus Writer”
http://www.research.ibm.com/antivirus/SciPapers/Gordon/Generic Virus Writer.html
Accessed 4th May 2003.
Gordon, S. (2000). “Virus Writer: The End of The Innocence”
http://www.research.ibm.com/antivirus/SciPapers/VB2000SG.htm Accessed 27th Apr 2003.
Hannaford, C. S.( 1995) “Can computer security really make a difference? ”, Managerial
Auditing
19

S-ar putea să vă placă și