1.1 BACKGROUND TO THE STUDY
Computer system infection, also known as malicious code, refers to a program that is covertly inserted into another program with the intent to destroy data, run destructive or intrusive programs, or otherwise compromise the confidentiality, integrity, or availability of the victim’s data, applications, or operating system (Higgins, 2010). Computer system infection is the most common external threat to most hosts, causing widespread damage and disruption and necessitating extensive recovery efforts within most organizations. Organizations also face similar threats from a few forms of non-malware threats that are often associated with computer system infection. One of these forms that has become commonplace is phishing, which is using deceptive computer-based means to trick individuals into disclosing sensitive information. Organizations should plan and implement an approach to computer system infection incident prevention based on the attack vectors that are most likely to be used currently and in the near future. Because the effectiveness of prevention techniques may vary depending on the environment (i.e., a technique that works well in a managed environment might be ineffective in a non-managed environment), organizations should choose preventive methods that are well-suited to their environment and hosts. An organization’s approach to computer system infection incident prevention should incorporate policy considerations, awareness programs for users and information technology (IT) staff, vulnerability and threat mitigation efforts, and defensive architecture considerations (Higgins, 2010).
An organization’s policy statements should be used as the basis for additional malware prevention efforts, such as user and IT staff awareness, vulnerability mitigation, threat mitigation, and defensive architecture. If an organization does not state consider system infection prevention considerations clearly in its policies, it is unlikely to perform infection prevention activities consistently and effectively throughout the organization (Goodin, 2007). Computer infection prevention–related policy should be as general as possible to provide flexibility in policy implementation and to reduce the need for frequent policy updates, but should also be specific enough to make the intent and scope of the policy clear. Computer system prevention–related policy should include provisions related to remote workers—both those using hosts controlled by the organization and those using hosts outside of the organization’s control (e.g., contractor computers, employees’ home computers, business partners’ computers, mobile devices).
Trojan has been building tools that you can trust for more than a century. It’s worthy to note that there’s no substitute for quality. These tools are used has antivirus. Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other kinds of computer infection, antivirus software started to provide protection from other computer threats. In particular, modern antivirus software can protect from: malicious Browser Helper Objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious LSPs, dialers, fraudtools, adware and spyware. Some products also include protection from other computer threats, such as infected and malicious URLs, spam, scam and phishing attacks, online identity (privacy), online banking attacks, social engineering techniques, Advanced Persistent Threat (APT) and botnet DDoS attacks (Harley, 2011).
Anti-virus programs are not always effective against new viruses, even those that use non-signature-based methods that should detect new viruses. The reason for this is that the virus designers test their new viruses on the major anti-virus applications to make sure that they are not detected before releasing them into the wild.
1.2 STATEMENT OF THE PROBLEM
Computer infection incident containment has two major components: stopping the spread of infection and preventing further damage to hosts. Nearly every infection incident requires containment actions. In addressing an incident, it is important for an organization to decide which methods of containment to employ initially, early in the response. Organizations should have strategies and procedures in place for making containment-related decisions that reflect the level of risk acceptable to the organization. Containment strategies should support incident handlers in selecting the appropriate combination of containment methods based on the characteristics of a particular situation. This study is examining the method of preventing computer system infection and compromise using Trojan tool and process.
1.3 OBJECTIVES OF THE STUDY
The following are the objectives of this study:
- To examine the methods of preventing computer system infection.
- To determine the capability of Trojan tool and process in preventing computer system infection.
- To identify the consequences of computer system infection.
1.4 RESEARCH QUESTIONS
- What are the methods of preventing computer system infection?
- What is the capability of Trojan tool and process in preventing computer system infection?
- What are the consequences of computer system infection?
1.6 SIGNIFICANCE OF THE STUDY
The following are the significance of this study:
- The outcome of this study will educate computer users and the general public on the issues of computer system infection. It will also educate on how to prevent computer system infection and compromise using Trojan tools and process.
- This research will be a contribution to the body of literature in the area of the effect of personality trait on student’s academic performance, thereby constituting the empirical literature for future research in the subject area.
1.7 SCOPE/LIMITATIONS OF THE STUDY
This study will cover the method of preventing computer system infection using Trojan tools and process.
LIMITATION OF STUDY
Financial constraint- Insufficient fund tends to impede the efficiency of the researcher in sourcing for the relevant materials, literature or information and in the process of data collection (internet, questionnaire and interview).
Time constraint- The researcher will simultaneously engage in this study with other academic work. This consequently will cut down on the time devoted for the research work
Higgins, J.K. (2010). "New Microsoft Forefront Software Runs Five Antivirus Vendors' Engines". Darkreading. Retrieved 2011-02-24.
Goodin, D (2007). "Anti-virus protection gets worse". Channel Register. Retrieved 2011-02-24.
Harley, D. (2011). AVIEN Malware Defense Guide for the Enterprise. Elsevier. p. 487. ISBN 9780080558660. Retrieved 2013-06-10