Lecture 3: Program Security

Program Security

Program security means protecting a program from vulnerabilities. There are two types of program error: non-malicious and malicious.

Non-malicious program errors:

  • Buffer overflows
      o An array bound in the system is accidentally not checked.
  • Incomplete mediation
      o Data is exposed or uncontrolled.
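The unchecked array bound described above, shown next to a bounds-checked version. This is an added example, not part of the original lecture notes; the struct, the function names and the 8-byte buffer size are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <string.h>

#define NAME_LEN 8              /* constructed buffer size for the example */

struct record {
    char name[NAME_LEN];
    int  is_admin;              /* stored right after the array */
};

/* Unchecked: copies until the NUL in src, however long src is.
   If src holds more than NAME_LEN - 1 characters, the writes run
   past name[] into the data that follows it.
   Shown for contrast only; it is never called in this example. */
void set_name_unchecked(struct record *r, const char *src) {
    size_t i = 0;
    while (src[i] != '\0') {
        r->name[i] = src[i];
        i++;
    }
    r->name[i] = '\0';
}

/* Checked: the length is compared with the array bound first.
   Oversized input is rejected and the record is left untouched. */
int set_name_checked(struct record *r, const char *src) {
    size_t n = strlen(src);
    if (n >= NAME_LEN)          /* one byte is needed for the terminator */
        return -1;
    memcpy(r->name, src, n + 1);
    return 0;
}

/* Returns 1 when a fitting name is stored and an oversized one is
   refused without changing name[] or the neighbouring field. */
int demo(void) {
    struct record r = { "", 0 };
    int rc_ok  = set_name_checked(&r, "alice");
    int rc_bad = set_name_checked(&r, "AAAAAAAAAAAAAAAA"); /* 16 bytes, constructed */
    return rc_ok == 0 && rc_bad == -1 && r.is_admin == 0
           && strcmp(r.name, "alice") == 0;
}

int main(void) {
    return demo() ? 0 : 1;
}
```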

Malicious code causes unanticipated effects in programs and is written with intent to cause damage. Malicious programs are of two types: those that need a host program and those that are independent. A program that needs a host must have a host before it can do harm to the system. An independent malicious program can harm the system directly and does not need a host.

Programs that need a host:

  • A trapdoor is an undocumented entry point written into code for debugging, which can let in unwanted users.
  • A logic bomb is malicious code that activates on an event.
  • A Trojan is a program that performs a useful function but sometimes performs an unexpected function.
  • A virus is code that copies itself into an executable program to run its functions (modifying files or the OS).

Independent programs:

  • A worm is code that can replicate itself through a network.
  • A bacterium / rabbit is code that replicates itself until it exhausts a resource or fills all disk space.

Differences between a virus and a worm

Virus:

  • Needs a host
  • Activated by external action
  • Replication limited to virtual system
  • Can only attack a single platform

Worm:

  • Self-contained
  • Activated by creating a process
  • In a network, replication occurs across communication links
  • Can shut down an entire network

There are many types of virus, listed below:

  • A parasitic virus attaches itself to executable files and runs when the host program runs.
  • A memory-resident virus lodges in main memory as part of the resident operating system.
  • A boot sector virus infects the boot sector and spreads when the OS boots up.
  • A stealth virus is designed to hide from virus-scanning programs.
  • A polymorphic virus mutates in each new host to avoid detection.

We can protect our system from virus infection by using detection tools, identification tools or removal tools. Scanners and disinfectors are the most popular tools for protecting a system from viruses. Do not open any attachments, downloaded files or floppy disks unless they have been scanned. Other ways to protect the system from viruses are to use commercial software from established vendors and to update the antivirus at least once a week. There is no real way to measure the amount of damage that malicious code can do; all one can do is estimate it.
