The document discusses computer security as the protection of computing systems and data, emphasizing the importance of confidentiality, integrity, availability, and authentication. It addresses the risks of internet privacy violations, such as phishing and malware, and offers preventative measures like using strong passwords and firewalls. Additionally, it details various types of computer viruses and their potential impacts on system performance and data integrity.

1. Chapter Five
Computer Security and Viruses
1

2. Computer Security and Viruses
 Computer Security is the protection of computing systems
and the data that they store or access.
 Computer Security is the process of preventing and detecting
unauthorized use of your computer. It involves the process of
safeguarding against intruders from using your computer
resources for malicious intents or for their own gains (or
even gaining access to them accidentally).
2

3. Cont’d
 Computer security is a branch of Information Security
and is often used interchangeably with the term. It
encompasses several security measures such as software
programs like anti-virus suites, firewalls, and user
dependant measures.
 Computer security is the protection of data, networks and
computing power.
3

4. Cont’d
 Computer security is frequently associated with four core areas,
which can be conveniently summarized by the acronym "CIAA"
Computer Security is concerned with four main areas:
1. Confidentiality:- Only authorized users can access the data
resources and information.
2. Integrity:- Only authorized users should be able to modify the data
when needed.
3. Availability:- Data should be available to users when needed.
4. Authentication:- are you really communicating with whom you
think you are communicating with.
4

5. Cont’d
 What are the consequences for security violations?
 Risk to security and integrity of personal or confidential information.
 e.g. identity theft, data corruption or destruction, unavailability of
critical information in an emergency
 Loss of valuable business information.
 Loss of employee and public trust, embarrassment, bad publicity, media
coverage, news reports.
 Costly reporting requirements in the case of a compromise of certain
types of personal, financial and health information.
 Internal disciplinary action(s) up to and including termination of
employment, as well as possible penalties, prosecution and the potential
for sanctions / lawsuits.
5

6. Cont’d
 Some key steps that everyone can take include:
 Use good, cryptic passwords that can't be easily guessed - and keep
your passwords secret
 Make sure your computer, devices and applications (apps) are current
and up to date
 Make sure your computer is protected with up-to-date antivirus and
anti-spyware software
 Don't click on unknown links or attachments, and don't download
unknown files or programs onto your computer or other devices
 Remember that information and passwords sent via standard,
unencrypted wireless are especially easy for hackers to intercept
6

7. Cont’d
Why is Computer Security Important?
 Computer Security allows the University to carry out its
mission by:
 Enabling people to carry out their jobs, education, and
research
 Supporting critical business process
 Protecting personal and sensitive information
7

8. Internet Privacy
 Internet privacy is the privacy and security level of
personal data published via the Internet. It is a broad term
that refers to a variety of factors, techniques and
technologies used to protect sensitive and private data,
communications, and preferences.
 Internet privacy is cause for concern for any user
planning to make an online purchase, visit a social
networking site, participate in online games or attend
forums. If a password is compromised and revealed, a
victim's identity may be fraudulently used or stolen.
8

9. Cont’d
 Internet privacy risks include:
 Phishing: An Internet hacking activity used to steal secure user
data, including username, password, bank account number,
security PIN or credit card number.
 Pharming: An Internet hacking activity used to redirect a
legitimate website visitor to a different IP address.
 Spyware: An offline application that obtains data without a
user's consent. When the computer is online, previously
acquired data is sent to the spyware source.
 Malware: An application used to illegally damage online and
offline computer users through Trojans, viruses and spyware.
9

10. Cont’d
 Internet privacy violation risks may be minimized, as follows:
 Always use preventative software applications, such as
anti-virus, anti-malware, anti-spam and firewalls
 Avoid shopping on unreliable websites
 Avoid exposing personal data on websites with lower
security levels
 Clear the browser's cache and browsing history on a
consistent basis
 Always use very strong passwords consisting of letters,
numerals and special characters.
10

11. Cont’d
 The methods to ensure Internet security
1.Use a firewall
 Network firewalls (whether software or hardware-
based) can provide some degree of protection against
these attacks.
2. Don't open unknown email attachments
 Before opening any email attachments, be sure you
know the source of the attachment
11

12. Cont’d
 If you must open an attachment before you can verify the
source, we suggest the following procedure:
A.Save the file to your hard disk.
B.Scan the file using your antivirus software.
C.Open the file.
 For additional protection, you can disconnect or lock your
computer's network connection before opening the file.
12

13. Cont’d
 Don't run programs of unknown origin
 Disable hidden filename extensions
 Keep all applications, including your operating system,
patched
 Turn off your computer or disconnect from the network
when not in use
13

14. Computer Viruses
 A computer virus is a malware program that, when executed,
replicates by inserting copies of itself (possibly modified) into
other computer programs, data files, or the boot sector of the
hard drive; when this replication succeeds, the affected areas
are then said to be "infected".
 Are a self replicating/ copying computer program that
interferes with a computer’s hardware or operating system and
duplicates itself without the user’s knowledge.
14

15. Cont’d
 It is means of causes of disaster on a computer system.
 It may damage, corrupt/destroy data or degrade system
performance
15

16. Cont’d
 Classification of computer viruses
1. File viruses: file infecting viruses search out executable files
located on a disk or hard drive and physically attach them.
When the files run, the virus is activated, often infecting
other files in the process.
2. Memory resident viruses: these viruses attach themselves to
executable files, but when the file runs, load themselves into
memory where they stay as long as the computer is on. While
in memory they spread the infection to other files.
16

17. Cont’d
3. Boot sector viruses: these are sometimes called partition
table viruses. They attach the boot sector of a floppy disk or
the master boot record on a hard drive (which hold
instructions that get your computer’s operating system up and
running).
4.Stealth viruses: a computer virus that actively hides itself
from antivirus software by either masking the size of the file
that it hides in or temporary removing itself from the infected
file and place a copy of itself in another location on the drive,
replacing the infected file with an uninfected one that it has
stored on the hard drive.
17

18. 18
Cont’d
5. Polymorphic viruses: A type of computer virus that has the
capability of changing its own code, allowing the virus to
have hundreds/thousands of d/t variants, making it much
more difficult to notice/detect.

19. 19