Software Under Siege

I. Introduction. 1. Background: changes and concerns. a.a Changes in computing milieu. 1.1.1 Centralized versus decentralized computing. 1.1.2 Sharing software. 1.2 Protection versus convenience of use. 1.3 Potential for damage. 1.4 A comment on legal issues 1.5 Security and Integrity. 1.6 Bibliographical Notes. II. The Illness. 2. Brief history of computer virus attacks. 2.1 Precursors of viruses. 2.2 Reported virus attacks. 2.2.1 PC networks. 2.2.2 Mainframe attacks. 2.3 Outlook. 2.4 Bibliographical notes. 3. Definitions. 3.1 Logical bombs. 3.2 Trojan horses. 3.3 Computer viruses. 3.4 Computer worms. 3.5 The process of viral infection. 3.6 Types of damage. 3.6.1 Primary damage. 3.6.2 Secondary damage. 3.6.3 Harmless or vicious? 3.7 Bibliographical notes. 4. Examples. 4.1 Ken Thompson's trojan c. compiler. 4.2 A virus template. 4.3 Viral actions. 4.4 The internet attack. 4.4.1 Victims and their characteristics. 4.4.2 What the worm did not do. 4.4.3 Flaws. 4.4.4 Defenses of the worm. 4.4.5 Attempts at defending against the worm. 4.5 Bibliographical notes. 5. Related attacks. 5.1 Types of attacks. 5.2 The LBL investigation. 5.3 Bibliographical notes. III. Diagnosis. 6. Detection of viruses: theoretical aspects. 6.1 Detection is undecidable. 6.2 Implications. 6.3 Bibliographical notes 7. Detection of viruses and worms: practical aspects. 7.1 Detection of code. 7.2 Symptoms of spread. 7.2.1 User Observable symptoms of spread. 7.2.2 System observable symptoms of spread. 7.3 Symptoms of damage. 7.4 Detection products. 7.5 Bibliographical notes. IV. Prevention and Cures. 8. Prevention: theoretical aspects. 8.1.1 Prevention of viruses. 8.1.2 Hardware modifications. 8.2 Bibliographical notes. 9. Prevention of virus attacks: practical aspects. 9.1 Software-based protection schemes. 9.2 Hardware-based protection schemes. 9.3 Bibliographical Notes. 10. Cures. 10.1 Undoing damage. 10.2 Purging an attacker. 11. Precautionary rules of thumb. 12. Conclusions. Basic hygiene. Appendix. Bibliography.