Running head: CYBER SECURITY

Computer Worms Malware in Cyber Security

Praveen Ranghavajhala

201696

Harrisburg University

Table of contents

Relationship to CPT

Introduction

Problem statement and justification

Literature review

Research design

Primary data collection

Secondary data collection

Data analysis

References

Appendix

Relationship to CPT

The CPT course is an interesting course that aims to provide students with in-depth knowledge of computer security. Many students have heard of cyber security threats, and some of us have actually experienced attacks on our networks and computers that had significant consequences. We are aware of these threats but lack adequate skills and knowledge to prevent and manage such attacks from a computer security perspective. This course should provide us with meaningful skills and knowledge that help us better approach computer security issues. Additionally, we will learn computer security topics and security terminology such as malware, computer worms, and Trojans, as well as network infrastructure security and DoS attacks, all of which are essential to the effective management of cyber security.

The CPT course learning outcomes include the ability of students to identify computer system threats such as malware, clearly describe the function of computers in a security framework, apply cryptographic techniques in security, and develop organizational security policies. The research on malware, in particular computer worms in cyber security, will provide in-depth information on computer worms: how they arise, how they spread, how they are managed, and effective ways of keeping worms out of our computer networks. A computer worm is malware that is capable of replicating itself and spreading these copies in files, causing damage to the files. The CPT course is concerned with cyber security and the protection of software and hardware from disruption and damage; thus this research will enhance an understanding of computer security threats.

Introduction

Businesses, financial institutions, and governments collect, process, and store meaningful data and information on computers, and this is shared with other computers through networks. This information and data should be secured to protect businesses, personal information, and the nation at large. We engage in various computer activities such as sending and receiving attachments, sharing files on networks, and opening links. Some of the attachments we receive and website links we open place us at increased risk of exposure to computer security threats. It becomes significantly important to have computer security measures that will prevent computer attacks, which continue to grow rapidly in the current world. Attacks on, damage to, or disruption of sensitive information are quite costly if proper security measures are not put in place. Having computer security measures helps to secure sensitive information.

Advancement in technology, information and communication has enhanced connection around the globe through the internet. Most people and organizations are using the internet for various activities that have been of benefit. I am no exception. I use my computer and the internet for a number of activities that include researching information for education purposes, better understanding health conditions, and enhancing work performance, among others. I also share information with my classmates and colleagues on these networks almost daily. I receive and send attachments. I open links to websites when doing my research without necessarily considering the risks of opening unsecure links. I send and receive emails almost daily. In general, I use a computer or the internet at least once each day.

I am aware that sharing information through computer networks and researching information on unsecure websites is associated with a number of security risks that need to be addressed to keep sensitive information secure. I sometimes compare a computer worm attack to the spread of an infectious disease. Thus the need to explore computer worms as a challenge to computer security. Computer worms spread through networks of machines, causing widespread damage that includes slowing down tasks. Neglecting the importance of security measures against computer worms and threats is costly, thus the need to elaborate on the importance of having adequate computer security skills and knowledge.

Problem Statement and Justification

Cyber security, or computer systems security, remains a challenge despite its effectiveness in resisting attacks on information and critical data. Computer users make important security decisions daily when dealing with critical information. These range from using passwords to deciding whether or not to open links from insecure sources, among others, all in the name of protecting critical information and data from attacks or disruption. Understanding computer worms is vital to protecting computers and operating systems from attacks. This paper focuses on identifying and understanding the causes and spread of computer worms.

This leads to the following primary research questions:

1. What causes and spreads computer worms?

2. What types of computer worms exist in the current world?

The secondary research questions are:

1. What triggers spread of these computer worms?

2. What symptoms show computer worm infection?

The objective of this research paper is to answer both the primary and secondary research questions in order to explain how computer worms arise and spread, causing harm to computers and network systems. The information obtained from answering the primary and secondary research questions is beneficial because it could lead to effective strategies for preventing and managing computer attacks. Organizations and businesses have lost meaningful information in attacks that had significant consequences. Investing in cyber security, in particular in understanding and managing computer worms, is essential for persons, businesses, and organizations, as it helps to resist attacks on information and critical data that have negative consequences. Informal security education enhances user knowledge of the importance of making good security decisions.

My main aim is to increase awareness of cyber security through computer worms, which spread without the help of humans. I chose computer worms because of the manner in which they occur and spread. This is because we use computers and networks for various activities in different settings. Thus increasing awareness should help businesses, organizations, institutions, and the government, as well as individuals, to be more knowledgeable about cyber security, attacks on computers and networks by computer worms, and preventive measures. Just as we take measures to prevent the occurrence and spread of infectious diseases, we need to do the same to prevent computer worms.

Literature Review

Computer viruses and worms can be compared to the microbes that cause infectious diseases. The process through which worms and viruses enter and amplify between files and computers is quite similar to the modes of spread of microbes in infectious diseases. This article defines worms and viruses, which fall under the umbrella term “malware.” It defines a computer worm as a self-contained program that has the ability to replicate itself and spread by sending copies to other computers without necessarily requiring user interaction. A virus, on the other hand, is a program that has the ability to implant itself in another program and modify it (Wassenaar & Blaser, 2008). A number of viruses and worms exist, and new worms and viruses continue to emerge.

New viruses tend to emerge due to the latest computer techniques. It becomes essential for computer users to generate new generations of worms and viruses to cope with the new computing techniques. This article discusses different types of computer viruses. These include the file-infecting virus, which attaches itself to executable files ending in .com and .exe, the main program files we use daily. Infection of one file enables the virus code, and the infected file executes normally. However, running other applications leads to replication of the virus and its attachment to those applications. The virus remains undetected until something prompts the computer user to realize that the computer is not working properly. Another virus type is the boot sector virus, which loads onto the hard disk and then into memory. Any disk inserted into the computer becomes infected, spreading the virus. The script virus is another type, which results from the use of scripting languages. It spreads and infects files through the opening of e-mails, through Microsoft Windows, and through accessing websites (Ahmad, 2010). This article enhances an understanding of viruses, which are computer malware similar to worms, and of their technical differences.

Worms are technically different from viruses but seem to occur and spread in a similar manner, thus the need to identify some viruses for a better understanding of this malware. According to Khan (2012), worms self-replicate in a similar way to viruses and negatively affect computer systems. For instance, clicking and opening an infected e-mail is likely to transmit worms from one computer system to another. The article identifies some worms, such as Trile.C, Lovgate.F, Mapson, and Sobig.F. Chen (n.d.) identifies other worms such as Welchia and MS Blaster. He considers MS Blaster, which appeared in 2003, a fast worm. He also describes Sobig.F as a very fast worm. Zhang and his team (2015) identify Conficker as a computer worm that emerged in 2008. This worm spreads through a combination of three strategies: local probing, neighborhood probing, and international probing. The authors focus on these three spreading strategies to better understand the spreading behavior of this worm. They consider Conficker a hybrid epidemic that, if used maliciously, can cause significant challenges to internet security protocol.

It is important to note the symptoms that indicate a computer is infected by a worm. Khan (2012) provides meaningful information on some indicators of virus and worm infection on a computer. These include the computer running more slowly than usual, frequent lock-ups and the computer not responding properly, computer crashes, some computer applications not working properly, and the display of unusual error messages, among others.

Research Design

The research methods to be used should help answer both my primary and secondary research questions. Both primary and secondary data collection methods will be used to adequately answer the research questions.

Primary Data Collection

Primary data collection will include both qualitative and quantitative methods. The qualitative data collection method will be interviews with IT professionals, who are the most knowledgeable when it comes to computer worms. Additionally, most of them have at some point struggled with computer attacks and will therefore provide meaningful information to assist with this research. The purpose of interviewing IT professionals is to explore their experiences, beliefs, and views on computer worms and cyber security threats. The interviews should provide meaningful and in-depth information to enhance understanding of computer worms.

The interviews will be given in questionnaire form with structured questions administered to 30 IT professionals working for at least five different organizations and/or institutions. The structured questions should help collect required information by asking predetermined questions. The structured questionnaires are preferred because they are easy and quick to administer. They are cost-effective as they can be sent via email or handed directly to the respondents and later returned or collected for analysis (Olsen, 2011).

The questionnaire will contain 10 questions that address the research objectives. The structured questions will include multiple-choice questions as well as open-ended questions that allow respondents to respond at length. Some of the questions will collect the opinions of IT professionals on the causes and spread of computer worms as well as the factors that trigger the spread of these worms. The respondents will be required to fill in the forms accordingly. The questionnaire will be designed in a simple and clear manner, with targeted questions that answer the research questions appropriately. It will be short, containing only 10 questions that should take less than 15 minutes to complete. This is aimed at avoiding overburdening respondents who may be busy with their daily tasks.

The questionnaire will be machine-readable to allow coding of responses. Writing will be kept to a minimum through the use of tick boxes. For open-ended questions, keywords will be imposed to ease data entry and analysis. This is aimed at analyzing the collected data through scales with numerical values. It also makes it easier to analyze the obtained results.

Some benefits of using questionnaires in this research include allowing the researcher to prepare the questions ahead of time. This will allow the researcher to properly design the questions to ensure that they adequately collect the required information. Properly designing the questions should help the researcher collect reliable and comparable data. Questionnaires enhance the collection of standardized information that can be easily compared. They allow the respondent to think while answering the questions, since they do not require an immediate response as interviews do. Most respondents are familiar with this type of format and are thus able to respond quickly and completely. Lastly, questionnaires are straightforward to analyze, cost-effective, and simple to administer (Olsen, 2011).

Secondary Data Collection

The researcher will use secondary data collection to obtain meaningful information about computer worms from books, journals, and online portals. The researcher will be research question-driven, basing the selection of datasets on the research questions to be addressed (Cheng & Philipps, 2014). An array of data on computer worms is available from these sources and should help answer the research questions appropriately. The information will be obtained from credible sources to increase the reliability and validity of the research. The criteria for selecting secondary sources will include publication date; in particular, sources must have been published less than 10 years ago. The sources must be credible to enhance the reliability of the information obtained. The depth of analysis on computer worms as well as the quality of discussion will also be considered to enhance the reliability of the research findings.

The secondary sources will be used to collect quantitative data. They will primarily be paper-based sources, including journals, books, and reports on cyber security, in particular on computer worm types, spread, and symptoms, that should help answer the research questions. The sources chosen must be relevant, covering the same concepts and containing current data. They must be accurate, meaning that they specify the methodology used to obtain the information and research findings, in order to be dependable. They must also contain adequate data regarding the research topic and questions.

Advantages of collecting data through secondary sources include saving time and money, since the researcher can get the information through the internet (Cheng & Philipps, 2014). This saves the time of visiting libraries in search of secondary sources that contain the required information. It also saves transportation costs, among other costs that can be incurred when searching for information. Generally, it is less expensive, since large datasets can be obtained at no additional cost.

Advancement in technology simplifies the process and provides an array of information via search engines that allow advanced searches. There is increased accessibility of information through the internet. A simple click should help obtain a vast amount of information. However, the sources must be credible for the information to be valid. Obtaining information from previous analyses should help generate new insights due to unexpected new discoveries on the same or a similar research topic. Analysis of such data should enable the researcher to make relevant and informed conclusions or confirm previous results. The research could also analyze the evolution of cyber security through continuous surveys of the research topic.

Data Analysis 

Statistical techniques will be used to analyze the data collected using both quantitative and qualitative methods. Analyzing the qualitative data will include coding all data within a pre-defined framework that reflects the researcher’s objectives and aims. This will allow for new impressions that influence interpretation of the research findings. In other words, this will follow a thematic network analysis. The material will be coded in order to condense it for interpretation. A coding framework will be used to reduce the data and interpret it. The coding will be deductive and thus guided by a fixed framework. The researcher will look for underlying structures and patterns during the analysis.

For quantitative analysis, descriptive statistics will be used to summarize the data collected from the questionnaire. Categorical variables will be analyzed. This should help to summarize data into distinct categories by determining the number of times each category occurs. Frequency tables will be used to show the number of participants that fall into a category. The frequency tables will be converted into graphs for a more visual representation. Percentages will also be used to interpret the research findings.

References

Ahmad, W. (2010). Computer Viruses as a Threat to Home Users. International Journal of Electrical & Computer Sciences, 10(3): 29-34.

Chen, T. M. (n.d.). Trends in Viruses and Worms. The Internet Protocol Journal, 6(3).

Cheng, H., & Philipps, M. (2014). Secondary analysis of existing data: opportunities and implementation. Shanghai Archives of Psychiatry, 26(6): 371–375.

Khan, I. (2012). An introduction to computer viruses: Problems and solutions. Library Hi Tech News, 29(7): 8-12.

Olsen, W. (2011). Data Collection: Key Debates and Methods in Social Research. Thousand Oaks: SAGE.

Wassenaar, T. M., & Blaser, J. M. (2008). Contagion on the Internet. Emerging Infectious Diseases, 8(3): 335–336.

Zhang, C., Zhou, S., & Chain, B. M. (2015). Hybrid Epidemics—A Case Study on Computer Worm Conficker. PLOS ONE, 10(5): e0127478.

Appendix

Questionnaire 1

1. How many years have you worked as an IT professional? (Please tick one)

I. One Year

II. Two Years

III. Three to Five Years

IV. Over 10 Years

2. Define a computer worm.

……………………………………………………………………………………………

3. Explain the life of computer worms?

……………………………………………………………………………………………..

4. What are the most common types of computer worms that exist in the current world? List at least five types.

I. …………………………..

II. …………………………..

III. ………………………......

IV. …………………………..

V. …………………………..

5. What are the main symptoms of computer worm infection on a computer? List at least three symptoms.

I. ………………………………...

II. ………………………………...

III. …………………………………

6. How do computer worms spread? (The process of spreading).

………………………………………………………………………………………………….

7. List three factors you feel trigger spread of computer worms.

I. ………………………………..

II. ………………………………..

III. …………………………………

8. In what ways do computer worms spread faster? (Please tick one)

A. Attachments Sent via emails

B. Sharing and Downloading Files

C. Lack of Antivirus

D. Not keeping Computer Patched

9. Computer worms can have serious effects on computer systems and networks. What serious effects have you experienced?

…………………………………………………………………………………………….

10. Identify the most effective cyber security preventive approach. Briefly explain.

………………………………………………………………………………………………