SlideShare a Scribd company logo

Application'sand security

Download as PPT, PDF
A
arun nalam

This document discusses computer viruses and application security. It begins by defining a computer virus and describing how viruses spread and their symptoms. It then covers various types of viruses like resident, direct action, overwrite, boot, macro, and polymorphic viruses. The document also discusses other malware like worms, Trojans, spyware and adware. It emphasizes the importance of application security for protecting data integrity, confidentiality, availability and accountability. It provides examples of basic security concepts and outlines strategies for securing applications like authentication, authorization, access control, logging and auditing. The document concludes by stating that developing secure applications requires an ethical hacking perspective to prevent data and system loss or misuse.

Technology
Related topics:
Application Security
1 of 29
Downloaded 20 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
Viruses & Application Security
Agenda • What Is Computer Virus • Symptoms • How does it spread • Types Of Viruses • Other Programs similar to Viruses • Application Security • Why Application Security Is Important • Why Often Application Security Is Ignored • Basic Security Concepts • Securing the Application • Conclusion
What is a computer virus? • Computer viruses are a type of software program that is like a biological virus, replicate and spread without the users knowledge • Some virus may display only a message on the screen, others may slow down the Pc • They can also erase files or even format your floppy or hard disk and crash the system
Symptoms • Letters looks like they are falling to the bottom of the screen. • The computer system becomes slow. • The size of available free memory reduces. • The hard disk runs out of space. • The computer does not boot.
How does it spread • Computer viruses spread by attaching themselves to other computer program files • When you exchange a file from pen drive with virus into our Pc, the virus spreads from one file to the another • Viruses also spreads when a Computer Engineer comes to repair your system and puts his/her diagnostics disks in your PC
Programs Effecting Computers  Computer Viruses  Malwares  Worms  Trojan horses  Spyware  Adware
Types of viruses  Resident  Direct Action  Overwrite  Boot  Macro  Directory Polymorphic File Infectors Companion Fat Logic Bombs
Resident Virus  A virus that takes up permanent residence in the RAM memory. It can take over or interupt any operation executed by the computer system. It can corrupt files and programs; such as copy, open, close, rename and more.  Examples: Randex, CMJ, Meve, and MrKlunky.
Direct Action Virus  A batch file that resides in the root directory of the hard disk. When executed it will infect files in the directory and also directed to the batch file AUTOEXEC.BAT file PATH.
Overwrite Virus  A virus that deletes of overwrites part or all of the information in a file, making them partially or totally worthless. To get rid of the virus, the file has to be deleted. Examples of this virus include: Way, Trj.Reboot, Trivial.88.D.
Boot Virus • A virus that affects the boot sector of the hard drive or a floppy drive. The boot sector gives the computer information on how to boot, if it is not functioning the computer won't boot. To avoid a boot virus, don't boot your computer with an unknown floppy disk in your floppy drive and make sure it is write protected. Examples of boot viruses include: Polyboot.B, AntiEXE.
Macro Virus  A virus written in a macro language that infects the files that were created with it. When the file is opened the macro virus runs automatically. This may arrive on your computer by email attachment. Examples of macro viruses: Relax, Melissa.A, Bablas, O97M/Y2K.
Directory Virus  Directory viruses will replace an existing executable and move the real file somewhere else, so when you run it you are unknowingly running the virus program instead of the original. It then becomes impossible to find the original file.
Polymorphic Virus  Viruses that encode or encrypt themselves so that each new version is different. This enables them to replicate and very hard for virus scanners to track down.
File Infectors  The majority of viruses are file infectors. This virus is activated by running an executable file like .exe or .com extension files. Once run, the virus does its damage according to the program in the executable file.
Companion Virus  Once the system is infected they accompany the files that already exist. They can lay in wait or take action immediately. Some examples include: Stator, Asimov.1539, and Terrax.1069
Fat Virus  This virus will only infect a computer running a file allocation table (FAT) file system. This virus will prevent access to parts of the hard drive preventing files to be accessed Newer windows computers use NTFS and don't need to worry about this virus.
Computers Must Exist within a Secure Infrastructure  Harden systems  Use concept of least-privilege  Patch management  Firewalls  Using Anti Virus Programs  Intrusion detection  Virus protection
Application Security  An application is a program or group of programs designed for end users.  Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization.  Application security is the use of software, hardware, and procedural methods to protect applications from external and internal threats.
Why Is Application Security Important? • New threats emerge every day • Some hackers are not satisfied with penetrating your network, they seek information that resides in your applications/databases • Applications are often with poor designs, software bugs, and poor programming practices • Applications may be a fast and have an easy entry point into a secure network • Applications contain and process your most critical (important and sensitive) information • Programming logic may be exposed to the possibility of being attacked just as troublesome as difficulties inherent with certain technologies
Why Is Application Security Often Ignored?  Usually there are time and budget constraints in application development that cause proper testing and secure programming training to fall to the way aside  Security is typically not prioritized by programming teams, they are paid to deliver functionality first and foremost  E-commerce initiatives are often rushed into production  Organizations often expect the software manufacturer “build in” security is 80% process driven, 20% software driven
Four Basic Security Concepts Poor application security measures can lead to breaches in data:  Data Integrity  Confidentiality  Availability  Accountability
Data Integrity • Data Integrity means having a secure and reliable data in the database • Protection of information from tampering, forgery, or accidental changes. Examples: • January 2004, there were 13,654 known attacks on Linux Servers
Confidentiality  Ensures that applications and data is accessible to only the users intended and authorized to have access.  Examples : While Login in Providing Id’s and Passwords
Availability  Ensures that authorized users have access to the application and the data when required.  Example: Microsoft Developer Store  Checking PNR Status Indian Railway Systems
Accountability Within the Application  Ensure accuracy of data and guide against unauthorized modifications  Who did what with your data?  Examples : Having Notification To Our Mobiles From Social Networking Sites
Securing the Application  Authentication & Identification  Authorization & Access Control  Logging & Auditing Procedures  Managing User Sessions  Cryptography  Examples: Ceaser Cipher Text Modification, RSAAlgorithms etc
Conclusion Every Application must be developed in Ethical hacking perspective Prevent the loss, modification, or misuse of application systems “data” or application architecture. Here we are focusing on web-enabled systems Making an e-commerce application secure is much harder than just adding a password protected login screen!
Thank You

More Related Content

PPS
Virus & Computer security threats
Azri Abdin
 
PPTX
Computer virus-and-antivirus
VishwarajYadav
 
PPTX
computer virus and related legal issues
Shweta Ghate
 
PPTX
Computer virus
vazhichal12
 
PPTX
Computer virus
Muhammad Umar Farooq
 
PPT
Virus
Ramasubbu .P
 
ODP
Computer virus
Maxie Santos
 
PPTX
Virus
Protik Roy
 
Virus & Computer security threats
Azri Abdin
 
Computer virus-and-antivirus
VishwarajYadav
 
computer virus and related legal issues
Shweta Ghate
 
Computer virus
vazhichal12
 
Computer virus
Muhammad Umar Farooq
 
Virus
Ramasubbu .P
 
Computer virus
Maxie Santos
 
Virus
Protik Roy
 

What's hot (20)

PPTX
Antivirus PPt
Arnab Singha
 
PPT
Virus project
Shehrevar Davierwala
 
PPTX
Computer virus
Shubham Kafle
 
PPTX
Computer Virus
OECLIB Odisha Electronics Control Library
 
PPTX
Computer Virus
Aritra Das
 
PPTX
Computer Virus 2017
abdullah shahzad
 
PPTX
Antivirus ppt
nikkinikhita
 
PPTX
Computer virus !!!!!
pratikpandya18
 
PPTX
Computer viruses
aagmansaini
 
PDF
Security and Viruses
Amrit Kaur
 
PPTX
Computer virus
Kaushik Vemani Venkata
 
PPTX
Computer virus
nikkinikhita
 
PPT
Itc lec 15 Computer security risks
AnzaDar3
 
PPTX
Computer virus
JoydipGhosh12
 
PPTX
Computer virus
SeethaDinesh
 
PPTX
Computer Virus
Rajah Anuragavan
 
PPTX
Antivirus software
khalid umer
 
PPT
How Computer Viruses Work
Cerise Anderson
 
PPTX
computer Virus
VC Infotech
 
ODP
Computer virus
GHANA CHRISTIAN INTERNATIONAL HIGH SCHOOL
 
Antivirus PPt
Arnab Singha
 
Virus project
Shehrevar Davierwala
 
Computer virus
Shubham Kafle
 
Computer Virus
OECLIB Odisha Electronics Control Library
 
Computer Virus
Aritra Das
 
Computer Virus 2017
abdullah shahzad
 
Antivirus ppt
nikkinikhita
 
Computer virus !!!!!
pratikpandya18
 
Computer viruses
aagmansaini
 
Security and Viruses
Amrit Kaur
 
Computer virus
Kaushik Vemani Venkata
 
Computer virus
nikkinikhita
 
Itc lec 15 Computer security risks
AnzaDar3
 
Computer virus
JoydipGhosh12
 
Computer virus
SeethaDinesh
 
Computer Virus
Rajah Anuragavan
 
Antivirus software
khalid umer
 
How Computer Viruses Work
Cerise Anderson
 
computer Virus
VC Infotech
 
Computer virus
GHANA CHRISTIAN INTERNATIONAL HIGH SCHOOL
 
Ad

Viewers also liked (8)

PPT
Zika Virus-Epidemology and charecterisitics of zika virus
Narayan Prahlad
 
PDF
Replication of DNA Virus Genomes
Yora Dewi
 
PPTX
Epidemology and control of protozoan parasite
swarnendu basak
 
PPTX
Cultivation of Viruses
Islam Sarakbi
 
PPT
Chapter 2 classification of virus
Alia Najiha
 
PDF
Zika virus
Sonika Shrivastav
 
PDF
Virus structure: classification: replication
Marilen Parungao
 
PPTX
Bacteriophage vectors
priyanka raviraj
 
Zika Virus-Epidemology and charecterisitics of zika virus
Narayan Prahlad
 
Replication of DNA Virus Genomes
Yora Dewi
 
Epidemology and control of protozoan parasite
swarnendu basak
 
Cultivation of Viruses
Islam Sarakbi
 
Chapter 2 classification of virus
Alia Najiha
 
Zika virus
Sonika Shrivastav
 
Virus structure: classification: replication
Marilen Parungao
 
Bacteriophage vectors
priyanka raviraj
 
Ad

Similar to Application'sand security (20)

PPTX
Securing The Computer From Viruses ...
Rahman_Hussain
 
PPT
virus
Vinod siragaon
 
PPT
cyber security cyber security cyber security cyber security
Nagaraja465570
 
ODP
Viruses andthreats@dharmesh
Dharmesh Kumar Sharma
 
PPTX
Virus vs anti virus
Xʎz ʞsɥ
 
PPTX
Firewall , Viruses and Antiviruses
Vikas Chandwani
 
PPTX
Computer virus !!!!!
pratikpandya18
 
PPTX
Types of Virus & Anti-virus
Divyesh Rakholiya
 
PPT
computer-viruses
Tayyaba farooq
 
PPT
Antiviruse.ppt
AthiraKrishnan57
 
PPTX
Final malacious softwares
Mirza Adnan Baig
 
PPTX
Ch-06 (ICS I) - Security, Copyright and the Law.pptx
naveedabbas61
 
PPTX
Virus and its CounterMeasures -- Pruthvi Monarch
Pruthvi Monarch
 
PPT
6unit1 virus and their types
Neha Kurale
 
PPT
computervirus.ppt
PritamSahoo16
 
PPTX
Computer viruses and prevention techniques
Prasad Athukorala
 
PPTX
ANATOMY OF A COMPUTER VIRUS.pptx
ankeetamondal06
 
PPTX
Antivirus programs
Anuj Pawar
 
PPTX
Computer viruses
SimiAttri
 
PPTX
Computer viruses - A daily harm
Anubhav125
 
Securing The Computer From Viruses ...
Rahman_Hussain
 
virus
Vinod siragaon
 
cyber security cyber security cyber security cyber security
Nagaraja465570
 
Viruses andthreats@dharmesh
Dharmesh Kumar Sharma
 
Virus vs anti virus
Xʎz ʞsɥ
 
Firewall , Viruses and Antiviruses
Vikas Chandwani
 
Computer virus !!!!!
pratikpandya18
 
Types of Virus & Anti-virus
Divyesh Rakholiya
 
computer-viruses
Tayyaba farooq
 
Antiviruse.ppt
AthiraKrishnan57
 
Final malacious softwares
Mirza Adnan Baig
 
Ch-06 (ICS I) - Security, Copyright and the Law.pptx
naveedabbas61
 
Virus and its CounterMeasures -- Pruthvi Monarch
Pruthvi Monarch
 
6unit1 virus and their types
Neha Kurale
 
computervirus.ppt
PritamSahoo16
 
Computer viruses and prevention techniques
Prasad Athukorala
 
ANATOMY OF A COMPUTER VIRUS.pptx
ankeetamondal06
 
Antivirus programs
Anuj Pawar
 
Computer viruses
SimiAttri
 
Computer viruses - A daily harm
Anubhav125
 

Recently uploaded (20)

PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
PPTX
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
A Presentation on Artificial Intelligence
memembruh336
 
Encapsulation theory and applications.pdf
gurumoop
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 

Application'sand security

  • 2. Agenda • What Is Computer Virus • Symptoms • How does it spread • Types Of Viruses • Other Programs similar to Viruses • Application Security • Why Application Security Is Important • Why Often Application Security Is Ignored • Basic Security Concepts • Securing the Application • Conclusion
  • 3. What is a computer virus? • Computer viruses are a type of software program that is like a biological virus, replicate and spread without the users knowledge • Some virus may display only a message on the screen, others may slow down the Pc • They can also erase files or even format your floppy or hard disk and crash the system
  • 4. Symptoms • Letters looks like they are falling to the bottom of the screen. • The computer system becomes slow. • The size of available free memory reduces. • The hard disk runs out of space. • The computer does not boot.
  • 5. How does it spread • Computer viruses spread by attaching themselves to other computer program files • When you exchange a file from pen drive with virus into our Pc, the virus spreads from one file to the another • Viruses also spreads when a Computer Engineer comes to repair your system and puts his/her diagnostics disks in your PC
  • 6. Programs Effecting Computers  Computer Viruses  Malwares  Worms  Trojan horses  Spyware  Adware
  • 7. Types of viruses  Resident  Direct Action  Overwrite  Boot  Macro  Directory Polymorphic File Infectors Companion Fat Logic Bombs
  • 8. Resident Virus  A virus that takes up permanent residence in the RAM memory. It can take over or interupt any operation executed by the computer system. It can corrupt files and programs; such as copy, open, close, rename and more.  Examples: Randex, CMJ, Meve, and MrKlunky.
  • 9. Direct Action Virus  A batch file that resides in the root directory of the hard disk. When executed it will infect files in the directory and also directed to the batch file AUTOEXEC.BAT file PATH.
  • 10. Overwrite Virus  A virus that deletes of overwrites part or all of the information in a file, making them partially or totally worthless. To get rid of the virus, the file has to be deleted. Examples of this virus include: Way, Trj.Reboot, Trivial.88.D.
  • 11. Boot Virus • A virus that affects the boot sector of the hard drive or a floppy drive. The boot sector gives the computer information on how to boot, if it is not functioning the computer won't boot. To avoid a boot virus, don't boot your computer with an unknown floppy disk in your floppy drive and make sure it is write protected. Examples of boot viruses include: Polyboot.B, AntiEXE.
  • 12. Macro Virus  A virus written in a macro language that infects the files that were created with it. When the file is opened the macro virus runs automatically. This may arrive on your computer by email attachment. Examples of macro viruses: Relax, Melissa.A, Bablas, O97M/Y2K.
  • 13. Directory Virus  Directory viruses will replace an existing executable and move the real file somewhere else, so when you run it you are unknowingly running the virus program instead of the original. It then becomes impossible to find the original file.
  • 14. Polymorphic Virus  Viruses that encode or encrypt themselves so that each new version is different. This enables them to replicate and very hard for virus scanners to track down.
  • 15. File Infectors  The majority of viruses are file infectors. This virus is activated by running an executable file like .exe or .com extension files. Once run, the virus does its damage according to the program in the executable file.
  • 16. Companion Virus  Once the system is infected they accompany the files that already exist. They can lay in wait or take action immediately. Some examples include: Stator, Asimov.1539, and Terrax.1069
  • 17. Fat Virus  This virus will only infect a computer running a file allocation table (FAT) file system. This virus will prevent access to parts of the hard drive preventing files to be accessed Newer windows computers use NTFS and don't need to worry about this virus.
  • 18. Computers Must Exist within a Secure Infrastructure  Harden systems  Use concept of least-privilege  Patch management  Firewalls  Using Anti Virus Programs  Intrusion detection  Virus protection
  • 19. Application Security  An application is a program or group of programs designed for end users.  Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization.  Application security is the use of software, hardware, and procedural methods to protect applications from external and internal threats.
  • 20. Why Is Application Security Important? • New threats emerge every day • Some hackers are not satisfied with penetrating your network, they seek information that resides in your applications/databases • Applications are often with poor designs, software bugs, and poor programming practices • Applications may be a fast and have an easy entry point into a secure network • Applications contain and process your most critical (important and sensitive) information • Programming logic may be exposed to the possibility of being attacked just as troublesome as difficulties inherent with certain technologies
  • 21. Why Is Application Security Often Ignored?  Usually there are time and budget constraints in application development that cause proper testing and secure programming training to fall to the way aside  Security is typically not prioritized by programming teams, they are paid to deliver functionality first and foremost  E-commerce initiatives are often rushed into production  Organizations often expect the software manufacturer “build in” security is 80% process driven, 20% software driven
  • 22. Four Basic Security Concepts Poor application security measures can lead to breaches in data:  Data Integrity  Confidentiality  Availability  Accountability
  • 23. Data Integrity • Data Integrity means having a secure and reliable data in the database • Protection of information from tampering, forgery, or accidental changes. Examples: • January 2004, there were 13,654 known attacks on Linux Servers
  • 24. Confidentiality  Ensures that applications and data is accessible to only the users intended and authorized to have access.  Examples : While Login in Providing Id’s and Passwords
  • 25. Availability  Ensures that authorized users have access to the application and the data when required.  Example: Microsoft Developer Store  Checking PNR Status Indian Railway Systems
  • 26. Accountability Within the Application  Ensure accuracy of data and guide against unauthorized modifications  Who did what with your data?  Examples : Having Notification To Our Mobiles From Social Networking Sites
  • 27. Securing the Application  Authentication & Identification  Authorization & Access Control  Logging & Auditing Procedures  Managing User Sessions  Cryptography  Examples: Ceaser Cipher Text Modification, RSAAlgorithms etc
  • 28. Conclusion Every Application must be developed in Ethical hacking perspective Prevent the loss, modification, or misuse of application systems “data” or application architecture. Here we are focusing on web-enabled systems Making an e-commerce application secure is much harder than just adding a password protected login screen!