computer virus and related legal issues
TRANSCRIPT
Establishing Type of Virus Protection, Viruses –Legal Issue, Handling Third Party
Software
Presented By Shweta Ghate
MIT college of Engineering
Agenda•Introduction of Virus.
• Types of Viruses
• Legal issues of Protection
• Handling Third Party Software.
•References
Introduction To Virus Definition A virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner.
Viruses can damage your hardware, software or files and replicate themselves.
Types of VirusThere are two main types of virus.1.Resident• A VIRUS doing same thing with the
help of Operating system and memory called Residential virus
2.Non-resident• Those viruses searching new file to
affect called Non-residential virus.
Basic Types Of VirusTrojan Horses Appears as interesting program file but
when installed it allows intruders to access and read your files.Eg: “I LOVE YOU“.
Worms Virus that copies and multiplies itself by
using computer networks and security flaws. Eg.“CODE RED”
E-mail Viruses Use e-mail messages to spread which
allow it to automatically forward itself to thousands of people Eg. Rasom virus
Types of VirusBoot Sector Virus• A boot sector virus infects diskettes and hard
drives. • Boot sector viruses often spread to other
computers by the use of shared infected disks and pirated software applications.
.Program viruses• Active when the program file (usually with
extensions .BIN, .COM, .EXE, .OVL, .DRV) carrying the virus is opened.
• Once active, the virus will make copies of itself and will infect other programs on the computer.
Continued….Macro Virus• Programmed as a macro embedded in a document,
usually found in Microsoft Word and Excel• Once it gets in to your computer, every document you
produce will become infected• Relatively new type of virus and may slip by your
antivirus software if you don't have the most recent version installed.
• Eg. Melissa
Multiparitite virus• Hybrid of a Boot Sector and Program viruses. • Infects program files and when the infected program
is active it will affect the boot record
Virus-Legal Issues of protection Grounds on which virus creation or distribution may be found to be illegal • Unauthorized Access Any kind of access without the
permission E.g :Hacking
• Unauthorized Modification Any kind of modification to the data
without the permission of the User Eg. Email attacks
Continued…Incitement• Includes making available viruses, virus
code, information on virus creation, and virus engines.
Denial of Service attacks• Flooding a computer resource with more
requests than it can handle. This causes the resource to crash thereby denying access of service to authorized users.
Continued..
• All such kind of attacks come under Cyber Crime i.e “unlawful acts
wherein the computer is either a tool or target or both”.
• Thus to control the Cyber Crime “Cyber Laws “ were introduced .
Cyber Laws
The world 1st computer specific law was enacted in the year 1970 by the German State of Hesse in the form of ‘Data Protection Act, 1970’ with the advancement of cyber technology.
Indian parliament passed its “INFORMATION TECHNOLOGY ACT, 2000” on 17th October to have its exhaustive law to deal with the technology .
IT ACT OF INDIA 2000
The Information Technology Act, 2000 aims to provide for the legal framework so that legal sanctity is accorded to all electronic records and other activities carried out by electronic means.
This ACT defines many CHAPTERS, which defines different kinds of punishments for different types of crime.
IT ACT OF INDIA 2000CHAPTER IX
• Act talks about penalties and adjudication (preparing official judgment)for various offences.
• The penalties for damage to computer systems etc. has been fixed as damages by way of compensation not exceeding Rs. 1,00,00,000 to affected persons.
Continued…Penalty : 2year prisonment or/and 2lack penalty
The Act talks of appointment of any officers not below the rank of a Director to the Government of India or an equivalent officer of state government.
Adjudicating Officer has been given the powers of a Civil Court.
Protection mechanism
• Anti-virus • Firewall
• Recovery
• Online Backup Data
Handling Third Party Software
• Third party software refers to programs that are developed by companies other than the company that developed the computer's operating system.
• Eg. Windows programs developed by companies other than Microsoft are called third party programs.
Continued.. The risk is not in code that internal developers
have written, but in components provided by outside developers, whether open-source libraries or third-party toolkits.
There is an assumption that vendors and open-source developers have gone through the security checkpoints during the application development process, and that assumption is false.“
To secure their software, companies must first figure out which code components have become part of their code base
Continued…To analyze the software the developers and IT
security teams need to do an application assessment .
They need to find the vulnerabilities in the software :through static analysisby monitoring the developer's support forumthrough an intelligence service that tracks changes to software.
The company can then make an informed decision to patch the software or, if a patch is not practical, use a runtime analysis product to harden the application against exploitation of any critical vulnerabilities.
Continued….
Binary only Source
Publicly available
e.g. downloadable
"Software"
Bilateral Agreements
e.g. "Collaboration Agreements"
Publicly available
"Open Source""Free Software"
References
• www.opensource.org• www.wiseGEEK.com• www.spamlaws.com• www.cyberlawsindia.net• Chieh-jen,Chao-Ching Wang,” A Scalable
High-Performance Virus Detection Processor Against a Large Pattern Set for Embedded Network Security ” ,IEEE, pages 841-854, May 2012.
THANK YOU