CHAPTER ONE
INTRODUCTION
1.1 BACKGROUND TO THE STUDY
Computer system infection, also known as malicious code, refers to a program that is covertly
inserted into another program with the intent to destroy data, run destructive
or intrusive programs, or otherwise compromise the confidentiality, integrity,
or availability of the victim’s data, applications, or operating system
(Higgins, 2010). Computer system infection is the most common external threat
to most hosts, causing widespread damage and disruption and necessitating
extensive recovery efforts within most organizations. Organizations also face
similar threats from a few forms of non-malware threats that are often
associated with computer system infection. One of these forms that has become
commonplace is phishing, which is using deceptive computer-based means to trick
individuals into disclosing sensitive information. Organizations should plan
and implement an approach to computer system infection incident prevention
based on the attack vectors that are most likely to be used currently and in
the near future. Because the effectiveness of prevention techniques may vary
depending on the environment (i.e., a technique that works well in a managed
environment might be ineffective in a non-managed environment), organizations
should choose preventive methods that are well-suited to their environment and
hosts. An organization’s approach to computer system infection incident
prevention should incorporate policy considerations, awareness programs for
users and information technology (IT) staff, vulnerability and threat
mitigation efforts, and defensive architecture considerations (Higgins, 2010).
An organization’s policy statements should be used as the basis for additional malware prevention
efforts, such as user and IT staff awareness, vulnerability mitigation, threat
mitigation, and defensive architecture. If an organization does not state
system infection prevention considerations clearly in its policies, it
is unlikely to perform infection prevention activities consistently and
effectively throughout the organization (Goodin, 2007). Computer infection
prevention–related policy should be as general as possible to provide
flexibility in policy implementation and to reduce the need for frequent policy
updates, but should also be specific enough to make the intent and scope of the
policy clear. Computer system infection prevention–related policy should include
provisions related to remote workers—both those using hosts controlled by the
organization and those using hosts outside of the organization’s control (e.g.,
contractor computers, employees’ home computers, business partners’ computers,
mobile devices).
Trojan has been building tools that you can trust
for more than a century. It is worth noting that there is no substitute for
quality. These tools are used as antivirus. Antivirus software was originally
developed to detect and remove computer viruses, hence the name. However, with
the proliferation of other kinds of computer infection, antivirus software
started to provide protection from other computer threats. In particular,
modern antivirus software can protect from: malicious Browser Helper Objects
(BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan
horses, worms, malicious LSPs, dialers, fraudtools, adware and spyware. Some
products also include protection from other computer threats, such as infected
and malicious URLs, spam, scam and phishing attacks, online identity (privacy),
online banking attacks, social engineering techniques, Advanced Persistent
Threat (APT) and botnet DDoS attacks (Harley, 2011).
Anti-virus programs are not always effective
against new viruses, even those that use non-signature-based methods that
should detect new viruses. The reason for this is that the virus designers test
their new viruses on the major anti-virus applications to make sure that they
are not detected before releasing them into the wild.
1.2 STATEMENT OF THE PROBLEM
Computer infection incident containment has two major components: stopping the spread of infection
and preventing further damage to hosts. Nearly every infection incident
requires containment actions. In addressing an incident, it is important for an
organization to decide which methods of containment to employ initially, early
in the response. Organizations should have strategies and procedures in place
for making containment-related decisions that reflect the level of risk
acceptable to the organization. Containment strategies should support incident
handlers in selecting the appropriate combination of containment methods based
on the characteristics of a particular situation. This study examines the
method of preventing computer system infection and compromise using the Trojan tool
and process.
1.3 OBJECTIVES OF THE STUDY
The following are the objectives of this study:
1. To examine the methods of preventing computer system infection.
2. To determine the capability of Trojan tool and process in preventing computer system infection.
3. To identify the consequences of computer system infection.
1.4 RESEARCH QUESTIONS
1. What are the methods of preventing computer system infection?
2. What is the capability of Trojan tool and process in preventing computer system infection?
3. What are the consequences of computer system infection?
1.5 RESEARCH HYPOTHESIS
H0: Anti-virus programs are not always effective against new viruses
H1: Anti-virus programs are always effective against new viruses
1.6 SIGNIFICANCE OF THE STUDY
The significance of this study is as follows:
1. The outcome of this study will educate computer users and the general public on the
issues of computer system infection. It will also educate on how to prevent
computer system infection and compromise using Trojan tools and process.
2. This research will be a contribution to the body of literature in the area of the
effect of personality trait on student’s academic performance, thereby
constituting the empirical literature for future research in the subject area.
1.7 SCOPE/LIMITATIONS OF THE STUDY
This study will cover the method of preventing
computer system infection using Trojan tools and process.
LIMITATION OF STUDY
Financial constraint: Insufficient funds tend to impede the
efficiency of the researcher in sourcing the relevant materials, literature
or information and in the process of data collection (internet, questionnaire
and interview).
Time constraint: The researcher will simultaneously engage in this study with
other academic work. This will consequently cut down on the time devoted to
the research work.
REFERENCES
Higgins, J.K. (2010). "New Microsoft Forefront Software Runs Five Antivirus Vendors' Engines". Darkreading. Retrieved 2011-02-24.
Goodin, D. (2007). "Anti-virus protection gets worse". Channel Register. Retrieved 2011-02-24.
Harley, D. (2011). AVIEN Malware Defense Guide for the Enterprise. Elsevier. p. 487. ISBN 9780080558660. Retrieved 2013-06-10.