On-Line Security: Attacks and Solutions

Table of Context

1. INTRODUCTION 3

2. MAIN TYPES OF MALWARE 4

2.1. Computer Viruses 4

2.1. Computer Worms 5

2.3. Trojan Horses 6

2.4. Spyware 6

2.5. Backdoor 6

2.6. Spams 7

2.7. Keyloggers 7

2.8. Browser Hijacking 7

2.9. Dialers 7

2.10 Rootkit 7

2.11. Exploits 7

3. UP-TO-DATE MALWARE 8

3.1. Adware 8

3.2. Parasiteware 8

3.3. Thiefware 8

3.4. Pestware 8

3.5. Browser Helper Object, BHO 8

3.6. Remote Administration Tool, RAT 8

3.7. Commercial RAT 8

3.8. Botnet 9

3.9. Flooder 9

3.10. Hostile ActiveX 9

3.11 Hostile Java 9

3.12. Hostile Script 9

3.13. IRC Takeover War 9

3.14. Nuker 9

3.15. Packer 9

3.16. Binder 9

3.17. Password Capture and Password Hijacker 10

3.18. Password Cracker 10

3.19. Key Generator 10

3.20. E-mail Bomber 10

3.21. Mass Mailer 10

3.22. E-mail Harvester 10

3.23. Web Bugs 10

3.24. Hoax 10

3.25. Phishing 10

3.26. Web Scam and Fraud 10

4. PROVIDING ONLINE SECURITY 11

4.1. Firewall 11

4.1.1 Types of Firewall 11

4.1.2. Positive Effects of the Firewall 11

4.1.3. Negative Effects of the Firewall 11

4.2. Data Encryption 12

4.2.1. Symmetric-key Encryption 12

4.2.2. Asymmetric-key Encryption 12

4.3. Antivirus Software 12

4.3.1. Historical Development of Antivirus Software 13

4.3.1.1. First-generation software 13

4.3.1.2. The second-generation software 13

4.3.1.3. Third-generation software 13

4.3.1.4. The fourth-generation software 13

4.3.2. Advanced anti-virus techniques 14

4.3.2.1. General analysis 14

4.3.2.2. Digital immune system 14

4.4. Internet Protocol Security (IPSec) 14

5. CONCLUSIONS 14

REFERENCES 15

1. INTRODUCTION

Information security can be defined as protection of knowledge as an asset for any damages, prevention of acquisition by unwanted users of the right technology, properly using the right purpose and in all kinds of information. The purpose of security in computer technology, individuals and organizations face in using these technologies taking measures by making threats and advance hazards analysis.

Recently with the development of computer technology in information and computer security at the beginning of the most serious threats come from malicious software. Malicious software or Malware is the general name for unwanted software designed to cause damage on or disrupt the work on the other machines on an infected computer system or network [1]. Malwares are infecting to the other systems without the knowledge the user or user systems by tricking them [2].

Scum ware referred to as malware, be formed with almost any programming or scripting language, or can be transported in several files [3].

In terms of historical development, types of malware, can be examined in four generations [2, 4]:

1. Generation (1987-1995): Computer viruses, especially in this period that dominated by DOS viruses, malicious software was infecting through the files and floppy disks. In 1995, their age closed by Windows 95, the first operating system with protected-mode operating system.

2. Generation (1995-2000): In light of recent developments in the personal computer world especially on images, audio and video files with support for multi-media containing materials such as using Microsoft Word, Excel, and powerful capabilities that comes with office programs such as the macro language of a generation that uses the density of malware. The macro language of this period gave an huge opportunity to people who cannot able to use the machine language of Win32 platform. Macros are still in use, although this period ended with the spread of virus-scanning programs.

3. Generation (1999-2002): Especially with the increase in Internet usage and e-mail communication amount of mass mailers increased in this generation, especially benefiting from the vulnerabilities of e-mail and internet browser programs. During this period, malware, are benefiting from the opportunities offered by the various scripting languages, or has chosen the path of transmission systems in the files attached to e-mails. E-mail filtering programs to block this kind of malicious software reached a certain saturation.

4. Generation (2001 -): The most important difference from other generations on this generation which is still ongoing, no need for the assistance of a significant user to spread. This period begins with Code Red worm in 2001, malware, benefits from vulnerabilities in the system and programs. With this term types of malware has started to spread, especially serious consequences with the illegal and criminal damages. With this generation, types of malware that cannot replicate itself started to be seen such as keyboard listening systems.

Malware that threaten ordinary

...