DOCSLIB.ORG

1 1111 Iffl IM Iffi 1111111111 Hifi 11111111 II 0000103230

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
1 1111 Iffl IM Iffi 1111111111 Hifi 11111111 II 0000103230 PERPUSTAKAAN UMP 1 1111 Iffl IM Iffi 1111111111 Hifi 11111111 II 0000103230 MAL WARE CLASSIFICATION BASED ON TARGET LOCATION NASUHA BINTI NOOR BAHA A thesis submitted in fulfilment of the requirements for the award of the degree of the Bachelor of Computer Science (Computer Systems & Networking) with Honours FACULTY OF COMPUTER SYSTEMS & SOFTWARE ENGINEERING UNIVERSITI MALAYSIA PAHANG DECEMBER 2014 ABSTRACT The combination of Malicious and Software have contribute a phrase call as Malware. Malware are software that is intended to damage or disable computers and computer systems. Maiware is software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. In addition maiware will interrupt user on activities by using computer. The processes of classification show that maiware need to classify detected objects with antivirus program. The antivirus industry used simple classification methods, comprising a unique name and the size of the detected file. However, a single antivirus could end up being called different names bydifferent antivirus solutions, which can lead confusion. Now days, malicious programs are rapidly increases as well as the advent of new platforms of antivirus. The specific problem that maiware has create, now a days there are various type of malware that become difficulty to antivirus to confirm or differentiate what type of malware attack the computer based on their characteristics. There are consists many different type or different characteristics of malware have been created. The goal of this project is to classify maiware based on target class. To achieve this goal three objectives need to finish up which are to investigate system directory in window based on platform, to design maiware classification system based on identified targeted class and to develop system for classifying maiware based on target location. In this paper, problem had been identified and reviewed the existing malware detection. From analysis, other way had been proposed for maiware classification based on target location. Output from this framework can be used by system administrator to plan and implement prevention mechanism in order to minimize future maiware threat. Vi ABSTRAK Gabungan perkataan virus dan perisian telah menerbitkan frasa barn iaitu Maiware. Maiware adalah perisian yang bertujuan untuk merosakkan atau menggangu komputer dan sistem komputer .Malware merupakan perisian yang digunakan untuk mengganggu operasi komputer, mengumpul makiumat sensitif,atau mendapat akses kepada sistem komputer peribadi. Selain maiware akan mengganggu pengguna mengenai aktjviti dengan menggunakan komputer. Proses pengelasan menunjukkan bahawa maiware perlu mengklasifikasikan objek dikesan dengan program antivirus. Industri antivirus digunakan kaedah kiasifikasi mudah, terdiri daripada nama yang unik dan saiz fail yang dikesan. Walaubagaimanapun, satu antivirus menunjukkan boleh mengklasifikasikan maiware yang sama tetapi memberi keputusan analisis yang berbeza, yang boleh membawa kekeliruan. Sehingga hari ini, maiware jahat semakin pesat meningkat serta kemunculan platform barn antivirus. Masalah kepesatan jenis maiware baru muncul, telah menjadi kesukaran kepada antivirus untuk mengesahkan atau membezakan jenis serangan maiware komputer berdasarkan ciri-ciri mereka. Ada diantara maiware barn terdiri daripada jenis yang berbeza atau ciri-ciri yang berbeza daripada maiware sedia ada. Matlamat projek mi adalah untuk mengelaskan maiware berdasarkan kelas sasaran di system direktori Windows. Untuk mencapai matlamat mi tiga objektif perlu selesaikan pertama mengkaji system direktori berdasakan platform Windows, kedua membentuk sistem kiasifikasi maiware berdasarkan kelas sasaran yang dikenal pasti dan akhir sekali untuk membangunkan sistem untuk mengklasifikasikan maiware berdasarkan lokasi sasaran. Dalam kertas kerja mi, masalah telah dikenal pasti dan dikaji pengesanan maiware yang sedia ada. Dari analisis, cara lain telah dicadangkan untuk pengelasan maiware berdasarkan lokasi sasaran. Output daripada rangka kerja mi boleh digunakan oleh pentadbir sistem untuk merancang dan melaksanakan mekanisme pencegahan untuk mengurangkan ancaman maiware masa hadapan. VII TABLE OF CONTENTS Page SUPERVISOR'S DECLARATION ii STUDENT'S DECLARATION ACKNOWLEDGEMENTS iv ABSTRACTS v ABSTRAK vi TABLE OF CONTENT vii LIST OF TABLES x LIST OF FIGURES xi CHAPTER 1 INTRODUCTION 1 1.1 Background 1 1.2 Problem Statement 2 1.3 Goal and Objectives 3 1.4 Scope Project 4 1.4.1 Functionality 4 1.4.2 Type of System 4 1.5 Methodology 4 CHAPTER 2 LITERATURE REVIEW 7 2.1 Overview 7 2.2 Malware 8 2.3 Maiware Types 11 2.4 Maiware Target 18 2.5 Comparison of Other Research About Maiware 21 2.5.1 Automated Classification and Analysis of Internet Malware2l 2.5.2 Framework for Malware Detection Using Combination 21 Viii Technique and Signature Generation 2.5.3 An Approach for Maiware Behavior Identification and 22 Classification 2.5.4 Optimizing Decision Tree Malware Classification System 22 by Using Genetic Algorithm 2.6 Discussion 25 CHAPTER 3 METHODOLOGY 26 3.1 Overview 26 3.2 Research Methodology 27 3.3 Overview of Research Methodology 27 3.3.1 Information Gathering 29 3.3.2 Create Class Windows System Directory 29 3.3.3 Design Maiware Classification System 30. 3.3.4 Identify Hardware and Software Tools 30 3.3.5 Implementation System 30 3.3.6 Testing and Evaluating The Complete System 30 3.4 Gantt Chart 31 3.5 Design and Framework 32 3.6 Design Phase of The System 33 3.6.1 1st Form 33 3.6.2 2nd Form 34 3.6.3 3rd Form 36 3.6.4 4th Form 37 CHAPTER 4 DESIGN IMPLEMENTATION 38 4.1 Overview 38 4.2 Framework 39 4.2.1 Malware 39 4.2.2 Classification 40 4.2.3 Design Framework 41 4.2.4 Sample File 42 4.2.5 Classifiation Process 42 4.3 System Architecture 42 ix 4.3.1 Resources Monitoring Process 43 4.3.2 Analysis and Filtering Data 44 4.3.3 Classification Data 44 4.3.4 Maiware Profile 44 CHAPTER 5 DISCUSSION 45 5.1 Overview 45 5.2 Result Analysis and Discussion 46 5.2.1 Result of Malware Classification Based on Target Location 46 5.3 Maiware Sample Result 48 5.4 Conclusion 51 REFERENCES 55 APPENDIX A 57 APPENDIX B 58 APPENDIX C 59 APPENDIX D 60 LIST OF TABLES Table No. Page 2.1 Types of maiware distribute and way it attack to computer 23 2.2 Summary comparison of the research in maiware detection 5.1 Result of Resources Monitoring 46 5.2 Sample of Maiware from ThreatExpert 50 5.3 Selected Maiware Sample from ThreatExpert 52 A LIST OF FIGURES Figures No. Page 1.1 Methodology of project 5 2.1 Show Maiware Evolution from 2003 to 2010 10 2.2 Types of malware attack network and computer 10 2.3 System directories in Windows 20 3.1 Main phase of the methodology 28 3.2 Research activities 31 3.3 Cont. Research activities 32 3.4 Process of Classification Malware 33 3.5 Main page of Malware Classification System 34 nd 3.6 21 page of the Maiware Classification System 35 3rd page Malware Classification System 36 3.8 4th page Malware Classification System 37 4.1 Results of malware detection using different brand of antivirus 39 4.2 Design Framework Malware Classification 41 4.3 Process of Classification Maiware 43 5.1 Result from ThreatExpert 48 5.2 Maiware Behavior in System Directory 52 5.3 System Directory Ranking for Maiware Target Location 54 CHAPTER 1 INTRODUCTION 1.1 Background The combination of Malicious and Software have contribute a phrase call as Maiware. Maiware are software that is intended to damage or disable computers and computer systems. Maiware is software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. In addition malware will interrupt user on activities by using computer (Wikipedia). User also will feel unsecured because of maiware even though an antivirus on computer or laptop. According to Mayer (2011), some computer consultants say the global malware threat has gotten so bad that conventional security measures, such as anti-virus software, are no longer adequate to fight them. It is because antivirus cannot prevent the malware 100%. Mohammad (2010) stated that "If use anti-virus, user might even be vulnerable to malWare for some extent". 2 Computer Antivirus Researcher's Organization (CARO) (1990) had attempts to regulate the classification process of maiware. The processes of classification show that maiware need to classify detected objects with antivirus program. The antivirus industry used simple classification methods, comprising a unique name and the size of the detected file. However, a single antivirus could end up being called different names by different antivirus solutions, which can lead confusion. Now days, malicious programs are rapidly increases as well as the advent of new platforms of antivirus. There are several types of malware that being classified based on their type. There are Pishing, Spyware, Trojan Horse, Virus, Worm, Adware, Crimeware, Keyloggers, Hijackers, Rogue Security Software and etc. Statistic shows that maiware attack window platform 84.3 % of all virus infections can be traced back to the drive-by attacks from malicious or compromised websites according to Jonas(2013). All of these malware have different characteristics and different ways to attack computer. 1.2 Problem Statement Hybrid maiware is malicious code that combines characteristics of different types of maiware (Margeret, 2008). Typically different maiware have different characteristics. It is very difficult to find out exactly what types of maiware have attack our computer even though with the latest antivirus. Maiware give a bad threat to computer's user. The intelligence of maiware now days should not be underestimated by computer's user. It should be a main reason why user should secure their computer from the maiware. It is because the maiware are created with different characteristic to create a problem to computer's user. 3 The specific problem that maiware has create, now a days there are various type of maiware that become difficulty to antivirus to confirm or differentiate what type of maiware attack the computer based on their characteristics.
Load more

Recommended publications
  • Reversing Malware [Based on Material from the Textbook]
    SoftWindows 11/23/05 Reversing Malware [based on material from the textbook] Reverse Engineering (Reversing Malware) © SERG What is Malware? • Malware (malicious software) is any program that works against the interest of the system’s user or owner. • Question: Is a program that spies on the web browsing habits of the employees of a company considered malware? • What if the CEO authorized the installation of the spying program? Reverse Engineering (Reversing Malware) © SERG Reversing Malware • Revering is the strongest weapon we have against the creators of malware. • Antivirus researchers engage in reversing in order to: – analyze the latest malware, – determine how dangerous the malware is, – learn the weaknesses of malware so that effective antivirus programs can be developed. Reverse Engineering (Reversing Malware) © SERG Distributed Objects 1 SoftWindows 11/23/05 Uses of Malware • Why do people develop and deploy malware? – Financial gain – Psychological urges and childish desires to “beat the system”. – Access private data – … Reverse Engineering (Reversing Malware) © SERG Typical Purposes of Malware • Backdoor access: – Attacker gains unlimited access to the machine. • Denial-of-service (DoS) attacks: – Infect a huge number of machines to try simultaneously to connect to a target server in hope of overwhelming it and making it crash. • Vandalism: – E.g., defacing a web site. • Resource Theft: – E.g., stealing other user’s computing and network resources, such as using your neighbors’ Wireless Network. • Information Theft: – E.g., stealing other user’s credit card numbers. Reverse Engineering (Reversing Malware) © SERG Types of Malware • Viruses • Worms • Trojan Horses • Backdoors • Mobile code • Adware • Sticky software Reverse Engineering (Reversing Malware) © SERG Distributed Objects 2 SoftWindows 11/23/05 Viruses • Viruses are self-replicating programs that usually have a malicious intent.
    [Show full text]
  • Topics in Malware What Is Malware?
    Topics in Malware What is Malware? • Malware (malicious software) is any program that works against the interest of the system’s user or owner. • Question: Is a program that spies on the web browsing habits of the employees of a company considered malware? • What if the CEO authorized the installation of the spying program? Uses of Malware • Why do people develop and deploy malware? – Financial gain – Psychological urges and childish desires to “beat the system”. – Access private data – … Typical purposes of Malware • Backdoor access: – Attacker gains unlimited access to the machine. • Denial-of-service (DoS) attacks: – Infect a huge number of machines to try simultaneously to connect to a target server in hope of overwhelming it and making it crash. • Vandalism: – E.g., defacing a web site. • Resource Theft: – E.g., stealing other user’s computing and network resources, such as using your neighbors’ Wireless Network. • Information Theft: – E.g., stealing other user’s credit card numbers. Types of Malware • Viruses • Worms • Trojan Horses • Backdoors • Mobile code • Adware • Sticky software Metamorphic viruses • Instead of encrypting the program’s body and making slight alterations in the decryption engine, alter the entire program each time it is replicated. • This makes it extremely difficult for antivirus writers to use signature-matching techniques to identify malware. • Metamorphism requires a powerful code analysis engine that needs to be embedded into the malware. Metamorphic viruses: Operation • Metamorphic engine scans the code and generates a different version of it every time the program is duplicated. • The metamorphic engine performs a wide variety of transformations on the malware and on the engine itself.
    [Show full text]
  • Virus Bulletin, June 1996
    ISSN 0956-9979 JUNE 1996 THE INTERNATIONAL PUBLICATION ON COMPUTER VIRUS PREVENTION, RECOGNITION AND REMOVAL Editor: Ian Whalley CONTENTS Assistant Editor: Megan Skinner EDITORIAL Technical Editor: Jakub Kaminski A Little Knowledge… 2 Consulting Editors: VIRUS PREVALENCE TABLE 3 Richard Ford, Command Software, USA Edward Wilding, Network Security, UK NEWS 1. Yisrael Radai 3 2. Scary Monsters and Super Creeps? 3 IBM PC VIRUSES (UPDATE) 4 IN THIS ISSUE: INSIGHT • Through the looking-glass. Windows 95 descended on The Road is Long… 6 the world last year with a media outcry reminiscent of a VIRUS ANALYSIS major discovery in the medical field. With it, inevitably, came the threat of viruses, followed by anti-virus soft- CNTV – New Technology 8 ware developed for the system. What is available, and COMPARATIVE REVIEW how good are the products? VB has done an exhaustive When I’m Cleaning Windows 10 series of tests: turn to p.10 for the whole story. CONFERENCE REPORT • On being professional. NetPROT has been reincarnated as F-PROT Professional for NetWare: an evaluation of IVPC 96: Exponentially Yours 25 Command Software’s latest network baby can be found PRODUCT REVIEWS on p.26. 1. F-PROT Professional for NetWare 26 • Yisrael Radai. Just before going to print, VB learned of 2. Vi-Spy 29 the death of Yisrael Radai, internationally recognised END NOTES & NEWS 32 anti-virus researcher. Story on p.3. VIRUS BULLETIN ©1996 Virus Bulletin Ltd, 21 The Quadrant, Abingdon, Oxfordshire, OX14 3YS, England. Tel +44 1235 555139. /96/$0.00+2.50 No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form without the prior written permission of the publishers.
    [Show full text]
  • Virus Bulletin, July 1990
    July 1990 ISSN 0956-9979 THE AUTHORITATIVE INTERNATIONAL PUBLICATION ON COMPUTER VIRUS PREVENTION, RECOGNITION AND REMOVAL Editor: Edward Wilding Technical Editor: Fridrik Skulason, University of Iceland Editorial Advisors: Jim Bates, Bates Associates, UK, Phil Crewe, Fingerprint, UK, Dr. Jon David, USA, David Ferbrache, Heriot-Watt University, UK, Dr. Bertil Fortrie, Data Encryption Technologies, Holland, Hans Gliss, Datenschutz Berater, West Germany, Ross M. Greenberg, Software Concepts Design, USA, Dr. Harold Joseph Highland, Compulit Microcomputer Security Evaluation Laboratory, USA, Dr. Jan Hruska, Sophos, UK, Dr. Keith Jackson, Walsham Contracts, UK, Owen Keane, Barrister, UK, Yisrael Radai, Hebrew University, Israel, John Laws, RSRE, UK, David T. Lindsay, Digital Equipment Corporation, UK, Martin Samociuk, Network Security Management, UK, John Sherwood, Computer Security Consultants, UK, Roger Usher, Coopers&Lybrand, UK, Dr. Ken Wong, BIS Applied Systems, UK. CONTENTS FOR PROGRAMMERS The Structure of Virus Infection Part I .COM Files 10 EDITORIAL 2 SPECIAL FEATURE TUTORIAL Virus Writers and Distributors 12 Detection and Brute Force CONTERMEASURES Disinfection 3 Virus Monitoring Software - An Endless Battle 15 VIRUS ANALYSES MAC THREATS 17 Burgers Legacy I - Demonstration Disks 6 Burgers Legacy Continued PRODUCT EVALUATION - The Vienna Virus 7 Copy Protection: VB Policy 18 KNOWN IBM VIRUSES (UPDATES) 9 ENDNOTES & NEWS 20 VIRUS BULLETIN ©1990 Virus Bulletin Ltd, 21 The Quadrant, Abingdon Science Park, Oxon, OX14 3YS, England. Tel (+44) 235 555139. /90/$0.00+2.50 This bulletin is available only to qualified subscribers. No part of this publication may be reproduced, stored in a retrieval system, or transmitted by any form or by any means, electronic, magnetic, optical or photocopying, without the prior written permission of the publishers.
    [Show full text]
  • Malware Slides
    Topics in Malware What is Malware? • Malware (malicious software) is any program that works against the interest of the system’s user or owner. • Question: Is a program that spies on the web browsing habits of the employees of a company considered malware? • What if the CEO authorized the installation of the spying program? Uses of Malware • Why do people develop and deploy malware? – Financial gain – Psychological urges and childish desires to “beat the system”. – Access private data – … Typical purposes of Malware • Backdoor access: – Attacker gains unlimited access to the machine. • Denial-of-service (DoS) attacks: – Infect a huge number of machines to try simultaneously to connect to a target server in hope of overwhelming it and making it crash. • Vandalism: – E.g., defacing a web site. • Resource Theft: – E.g., stealing other user’s computing and network resources, such as using your neighbors’ Wireless Network. • Information Theft: – E.g., stealing other user’s credit card numbers. Types of Malware • Viruses • Worms • Trojan Horses • Backdoors • Mobile code • Adware • Sticky software Viruses • Viruses are self-replicating programs that usually have a malicious intent. • Old fashioned type of malware that has become less popular since the widespread use of the Internet. • The unique aspect of computer viruses is their ability to self-replicate. • However, someone (e.g., user) must execute them in order for them to propagate. Viruses (Cont’d) • Some viruses are harmful (e.g.,): – delete valuable information from a computer’s disk, – freeze the computer. • Other viruses are harmless (e.g.,): – display annoying messages to attract user attention, – just replicate themselves.
    [Show full text]
  • SPECIAL FEATURE Modified Version of the South African Virus (Which Interpath Call X-12)
    Page 12 VIRUS BULLETIN July 1990 Virus-B is not, in fact an entirely new specimen, but a SPECIAL FEATURE modified version of the South African virus (which InterPath call X-12). Virus-B only infects .COM files and Dr. Jan Hruska displays a clear infection message upon execution of infected programs. According to the documentation the Virus Writer and Distributors virus will: increase the size of the infected program by about Attributable Viruses 500 bytes. An infected program will cause no damage but it will be a nuisance if a large number of systems It is not easy to establish the origins of a computer virus programs become infected. and it is rare that positive indicators as to authorship can be found by examining virus code. There are, of course, The documentation also acknowledges certain dangers notable exceptions to this. including the possibility that Hackers could re-activate Virus-B to return to destructive mode. It goes on to say The Brain virus, for instance, includes the authors names, that Such a person could just as easily write a virus from address and telephone numbers embedded in the boot scratch if they were so inclined, but the potential for sector. The virus code was written by two computer reactivation exists. software retailers and was reportedly developed as a means of copy-protection - a measure to punish Reference is made to built in protection mechanisms bootleggers. (see Figure 1.) which explains that the code segment for the destructive mechanism has been left intact (so that it may be Toulme analysed) but that the branch instructions to these segments have been removed.
    [Show full text]
  • Limiting Vulnerability Exposure Through Effective Patch Management: Threat Mitigation Through Vulnerability Remediation
    Limiting Vulnerability Exposure through effective Patch Management: threat mitigation through vulnerability remediation Submitted in fulfilment of the requirements of the degree MASTER OF SCIENCE in the Department of Computer Science of Rhodes University Dominic Stjohn Dolin White <[email protected]> January 2006 Abstract This document aims to provide a complete discussion on vulnerability and patch management.It looks first at the trends relating to vulnerabilities, exploits, attacks and patches. These trends provide the drivers of patch and vulnerability management. Understanding these allows the fol- lowing chapters to present both policy and technical solutions to the problem. The policy lays out a comprehensive set of steps that can be followed by any organisation to implement their own patch management policy, including practical advice on integration with other policies, manag- ing risk, strategies for reducing downtime and vulnerability and generating patch metrics. It then discusses how best a vendors should implement a related patch release policy that will allow end-users to most effectively and timeously mitigate vulnerabilities. The next chapter discussed the technical aspect of automating parts of such a policy and how defence in depth can be ap- plied to the field of patch management. The document then concludes that patch management is becoming more difficult and the guidelines described will go a long way into creating a workable and effective means for mitigating exposure to vulnerabilities. However, more research is needed into vulnerabilities, exploits and particularly into threats. Contents 1 Introduction 1 1.1 Backgrounds .................................... 1 1.2 PatchManagement ................................. 3 1.2.1 Definitions ................................. 4 1.3 TheNeedforPatchManagement.
    [Show full text]
  • Tietokonevirusten Toiminnallisuuden Tutkiminen
    Tietokonevirusten toiminnallisuuden tutkiminen Jonne Okkonen, TTV18S3 Joonas Niinimäki, TTV18S3 Harjoitustyö Kyberturvallisuus, Jarmo Nevalainen 17.11.2019 Tieto – ja viestintätekniikka 1 Sisältö 1 Johdanto ........................................................................................................ 3 2 Virusten historiaa 1960-1979 .......................................................................... 3 2.1 Vuodet 1980-1989 ....................................................................................... 5 2.2 Vuodet 1990-1999 ....................................................................................... 8 3 Virukset informaatioaikakautena 2000-2019 ................................................... 9 3.1 Korkeaprofiilisia viruksia ........................................................................... 10 3.2 Tietokonevirusten trendit maailmalla ....................................................... 17 4 Tutkittavat virukset ...................................................................................... 20 5 Pohdinta....................................................................................................... 25 Lähteet ................................................................................................................ 26 Kuvat Kuva 1 The Creeper tietokoneviruksen näyte. ....................................................... 4 Kuva 2 Elk-cloner tietokoneviruksen näyte. ........................................................... 5 Kuva 3 Cascade tietokoneviruksen näyte. .............................................................
    [Show full text]
  • Exploration of Clustering Overlaps in a Ransomware
    EXPLORATION OF CLUSTERING OVERLAPS IN A RANSOMWARE NETWORK BASED ON LINK STRUCTURES AND CONTENT RELEVANCE (Exploration of temporal events and the formation of cluster overlap in a ransomware network) BERNARD CHUKWUEMEKA OGAZI-ONYEMAECHI PhD, MEng, MSc, BSc Doctor of Philosophy (PhD) SCHOOL OF COMPUTING, SCIENCE AND ENGINEERING UNIVERSITY OF SALFORD A Thesis Submitted in Partial Fulfilment of the Requirements for the Degree of Doctor of Philosophy MARCH 2019 Contents EXPLORATION OF CLUSTERING OVERLAPS IN A RANSOMWARE NETWORK BASED ON LINK STRUCTURES AND CONTENT RELEVANCE ................................. i Contents ................................................................................................................................. ii List of figures ....................................................................................................................... vi List of Appendices ................................................................................................................ xi Acknowledgments ............................................................................................................... xii Dedication........................................................................................................................... xiii Declaration ......................................................................................................................... xiv Abstract...............................................................................................................................
    [Show full text]
  • Information Security
    Cyber Security Audit in Business Environments Kemal Hajdarevic II Cyber Security Audit in Business Environments Kemal Hajdarevic Sarajevo, 2018 III Author: Dr. Kemal Hajdarević Proofreading Pat Allen & Ana Tankosić Publisher: International Burch University Editor-in-Chief: Dr. Kemal Hajdarević Reviewed by: Prof. Dr. Colin Pattinson Prof. Dr. Mario Spremić DTP & Design: Dr. Kemal Hajdarević DTP and Prepress: International Burch University Circulation: Electronic document Place of Publication: Sarajevo Copyright: International Burch University, 2018 Reproduction of this Publication for educational or other non-commercial purposes is authorized without prior permission from the copyright holder. Reproduction for resale or other commercial purposes prohibited without prior written permission of the copyright holder. Disclaimer: While every effort has been made to ensure the accuracy of the information, contained in this publication, International Burch University will not assume liability for writing and any use made of the proceedings, and the presentation of the participating organizations concerning the legal status of any country, territory, or area, or of its authorities, or concerning the delimitation of its frontiers or boundaries. ----------------------------------- CIP - Katalogizacija u publikaciji Nacionalna i univerzitetska biblioteka Bosne i Hercegovine, Sarajevo 004.056:658 HAJDAREVIĆ, Kemal Cyber security audit in business environments [Elektronski izvor] / Kemal Hajdarevic. - El. knjiga. - Sarajevo : International Burch University,
    [Show full text]
  • Bibliography of Selected Computer Security Publications January 1980- October 1989
    NIST Special Publication 800-1 Bibliography of U.S. DEPARTMENT OF Selected Computer COMMERCE National Institute of Standards Security Publications and Technology January 1980- NAT L INST OF STAND 4 October 1989 l^l^j""' l l A111D3 MbEl^lb Rein Turn Lawrence E. Bassham III NIST PUBLICATIONS COMPUTER SECURITY 100 .U57 800-1 _ 1990 C.2 NIST Special Publication 800-1 Bibliography of Selected Computer Security Publications January 1980- October 1989 Rein TUm, Compiler Rein Tlim Associates Pacific Palisades, CA 90727 Lawrence E. Bassham III, Editor COMPUTER SECURITY National Computer Systems Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899 December 1990 U.S. DEPARTMENT OF COMMERCE Robert A. Mosbacher, Secretary NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY John W. Lyons, Director Reports on Computer Systems Technology The National Institute of Standards and Technology (NIST) has a unique responsibility for computer systems technology within the Federal Government. NIST's National Computer Systems Laboratory (NCSL) develops standards and guidelines, provides technical assistance, and conducts research for comput- ers and related telecommunications systems to achieve more effective utilization of Federal information technology resources. NCSL's responsibilities include development of technical, management, physical, and administrative standards and guidelines for the cost-effective security and privacy of sensitive unclassified information processed in Federal computers. NCSL assists agencies in developing security plans and in improving computer security awareness training. This Special Publication 800 series reports NCSL research and guidelines to Federal agencies as well as to organizations in industry, government, and academia. National Institute of Standards and Technology Special Publication 800-1 Natl.
    [Show full text]
  • Virus Bulletin, September 1997
    ISSN 0956-9979 SEPTEMBER 1997 THE INTERNATIONAL PUBLICATION ON COMPUTER VIRUS PREVENTION, RECOGNITION AND REMOVAL Editor: Nick FitzGerald CONTENTS Editorial Assistant: Francesca Thorneloe Technical Editor: Jakub Kaminski EDITORIAL Trying Times 2 Consulting Editors: VIRUS PREVALENCE TABLE 3 Ian Whalley, Sophos Plc, UK Richard Ford, IBM, USA NEWS Edward Wilding, Network Security, UK 1. Defusing the Situation 3 2. The Suite Smell of Success 3 IBM PC VIRUSES (UPDATE) 4 IN THIS ISSUE: VIRUS ANALYSES • Memorial stone: This month’s virus analyses focus on a 1. Junkie Memorial? 6 a DOS COM/EXE and Windows 95 virus with an interest- 2. Search for a Heart of Stone 8 ing manner of going resident, and a DOS virus that goes zombie. Read about them from p.6. COMPARATIVE REVIEW NT Promises 10 • A scan for all seasons: We test the mettle of eighteen of the latest anti-virus products for NT from major suppliers. PRODUCT REVIEWS Our comprehensive results could save you time and money. 1. Dr Solomon’s AVTK v7.72 for NetWare 18 Compare the scores for yourself from p.10. 2. AntiVirus Plus for Windows 95 21 • Read all about it! Check out the latest from Dr Solo- END NOTES AND NEWS 24 mon’s and Iris. Our two product reviews look at NetWare- and Windows 95-based software respectively. Catch up on developments, beginning on p.18. VIRUS BULLETIN ©1997 Virus Bulletin Ltd, The Pentagon, Abingdon, Oxfordshire, OX14 3YP, England. Tel +44 1235 555139. /97/$0.00+2.50 No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form without the prior written permission of the publishers.
    [Show full text]