Computer_Engineering_print_new2
.pdfSPECIALIST READING A: Malicious software
10.Read the text quickly and arrange the paragraphs (a-h) according to the plan. There is one extra paragraph. What type of malware does it describe?
1)Malware ___
2)A computer virus ___
3)Worms ___
4)Trojan horses ___
5)Spyware ___
6)Adware ___
7)Backdoor ___
11.These phrases and sentences have been removed from the text. Read the text quickly and fill in the gaps with the suitable phrases or sentences to form a logically correct text. There is one extra sentence you don’t have to use.
a.A backdoor may take the form of an installed program or an …
b.When the virus has been executed, the host program is executed in the normal way…
c.This general term is known to be used by computer professionals to mean a variety of forms…
d.…actively or passively gathered and disseminated by spyware may…
e.…computer worms may have a "payload" that can delete…
f.Spyware is a type of malicious software…
g.…or by simply not making its presence on a system known to the user.
h.When the virus is trigged by a predetermined event…
i.Rootkits are popular with hackers…
j.…and are sometimes referred to as “network viruses”.
Computer Engineering 101
a)This software appears to bypass normal authentication methods, such as a username and password, and allows unauthorized users to access and control your computer without your knowledge. (1) _____ illegitimate modification to a legitimate program. Trojan horses are a common kind of such threat.
b)They are programs that scan systems or monitor activity and relay information to other computers. The information that may be (2) _____
include passwords, log-in details, account numbers, personal information or other personal documents. They may also gather and distribute information related to your computer, applications running on your computer, Internet browsing usage or other computing habits. This kind of malicious software frequently attempts to remain unnoticed, either by actively hiding (3) _____. It is likely to be downloaded from web sites (typically in a shareware or freeware), email messages, and instant messengers.
c)It is a self-replicating program often written to cause damage or mischief by inserting itself into a software application without leaving any obvious sign of its presence. This type of malware operates by replacing the first instruction in the host program with a JUMP command. This command changes the normal instruction sequence in a program, causing the virus instructions to be executed (processed by the processor) before the host program instructions. (4) _____. A virus is
loaded into memory when a program it has attached itself to is run or executed. It then becomes memory resident i.e. it stays in the memory until the computer is switched off.
(5) _____, it operates the payload. It is possible for viruses to have the following parts:
a misdirection routine that enables it to hide itself;
a reproduction routine that allows it to copy itself to other programs;
English for Special Purposes
102Computer Engineering
a trigger that causes the payload to be activated at a particular time or when a particular event takes place;
a payload that may be a fairly harmless joke or
may be very destructive.
d)This malicious program seems to be innocuous or even beneficial (such as a program that you may have downloaded to remove viruses or spyware), but conceals other malware that compromise the security, data, and proper functioning of your computer. Like a virus it has a payload but doesn’t have a reproduction routine. Trojan horses spread via the network (6) _____.
e)Malicious software is designed to secretly access a computer system without the owner's informed consent. (7) _____ of hostile, intrusive or annoying software or program code. Malware comes in many forms: viruses, worms, Trojan horses, rootkits, adware, spyware.
f)This type of malware enables delivery of advertising content to you through its own or another program’s interface. It can be downloaded from web sites (typically in a shareware or freeware), email messages and instant messengers.
g)They hide files or processes running on a computer, rendering them difficult to detect and remove. Other forms of malware, like worms, which gain entry to your computer without your knowledge or permission are likely to install this type of malware. (8) _____, who want to hide their nefarious activities on your computer.
h)Like a virus, it is a self-replicating program, often written to cause damage or mischief but in contrast to a virus, it is self-contained and does not need to become part of another program to propagate itself. Instead this type of malware infects the operating system, acts like a program in its own right, and spreads via the network causing increased bandwidth. However, (9) _____, encrypt or email files on the host computer. A very common payload for a worm is to install a backdoor in the infected computer to allow the creation of a "zombie" computer under control of the worm author.
VOCABULARY IN USE
12. Complete the sentences with the right words given below.
infected |
to protect |
innocuous |
malicious |
spyware |
anti-virus |
worm adware replicates
1.Malware (________ software) are programs designed to infiltrate or damage your computer, for example, viruses, worms, Trojans and spyware.
2.A virus can enter a PC via disc drive – if you insert an ________ disc – or via the Internet.
3.A ________ is self-copying program that spreads through email attachments; it ________ itself and sends a copy to everyone in an address book.
4.A Trojan horse seems to be ________ or even beneficial program but it may affect data security.
5.________ collects information from your computer without your consent.
6.Most spyware and ________ (software that allows pop-ups, advertisements that suddenly appear on your screen) is included with ‘free’ downloads.
7.If you want ________ your PC, don’t open email attachments from strangers and take care when downloading files from the Web.
8.Remember to update your ________ software as often as possible, since new viruses are being created all the time.
English for Special Purposes
Computer Engineering 103
COMPREHENSION CHECK
13.Read the text again and decide which type of the malware stands the following descriptions for:
_______________ take control of your computer without your knowledge or permission;
_______________ send your data to an unauthorized recipient;
_______________ cause your computer to attack other computers;
_______________ delete your data;
_______________ a program that has a payload but does not have a reproduction routine;
_______________ delivers advertising content without your knowledge or permission;
_______________ self-contained program which acts like a program in its own right;
14.Decide whether these statements are true (T) or false (F), correct the false ones:
True |
False |
1. The term “malware” stands for a variety of forms of software which is hostile, intrusive or annoying.
2. It is usually easy to detect the presence of a computer virus because it has some main parts: a misdirection routine, a reproduction routine, a trigger and a payload.
3. The payload of a virus is activated by some predetermined event.
4. Worms can be compared with a computer virus as it exploits computers for personal gain but
it differs from a virus though, because it does not replicate to other computers and usually is not designed to destroy data.
5. Trojan horse is a technique that involves adding concealed instructions to a computer programs so that it will still work but will also perform prohibited duties.
6. The purpose of spyware is to take partial control of your computer or to intercept data from your computer.
7. Neither spyware nor adware can be downloaded to your computer without your personal concern.
8. Backdoor allows unauthorized users to access computer bypassing general authentication methods.
9. Rootkits make other forms of malware hide files or processes running on a computer and render them difficult to be detected and removed.
10. Though all types of malware access a computer system without the owner's informed consent, only viruses have a payload.
15. Use the chart given below to speak about malicious software.
|
WORMS |
VIRUSES |
TROJANS |
|
MALWARE |
SPYWARE |
ROOTKITS |
|
ADWARE |
English for Special Purposes
104 Computer Engineering
SPECIALIST READING B: Network security management
16. Scan the text, identify different parts and entitle them.
title |
from… – to… |
…
17. Read the text and decide whether these points are discussed in it.
Yes No 1) some rules to protect hardware and software protection against viruses 2) data encryption
3) software copy protection techniques
4) control of the physical access
5) the ways to hide the message
6) the ways to conceal the fact of communication
7) the advantages of steganography over cryptography
The terms network security and information security are often used interchangeably. Network security is
generally taken as providing protection at the
boundaries of an organization by keeping out intruders.
Information security, however, explicitly focuses on protecting data resources from malware attack or simple mistakes by people within an organization by use of data loss prevention (DLP) techniques. One of these techniques is to compartmentalize large networks with internal boundaries.
Network security starts from authenticating the user, commonly with a username and a password. Since this requires just one thing besides the user name, i.e. the password which is something you 'know', this is sometimes termed one factor authentication. With twofactor authentication something you 'have' is also used (e.g. a security token, an ATM card), or with three factor authentication something you 'are' is also used (e.g. a fingerprint or retinal scan).
Once authenticated, a firewall enforces access policies such as what services are allowed to be accessed by the
network users. Though effective to prevent
unauthorized access, this component may fail to check
potentially harmful content such as computer worms or
Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS) help detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor the network and traffic for unexpected (i.e. suspicious) content or behavior and other anomalies to protect resources, e.g. from denial of service attacks or an employee accessing files at strange times. Individual events occurring on the network may be logged for audit purposes and for later high level analysis.
Communication between two hosts using a network could be encrypted to maintain privacy. Information security uses cryptography to transform usable information into a form that renders it unusable by anyone other than an authorized user; this process is called encryption. Information that has been encrypted (rendered unusable) can be transformed back into its original usable form by an authorized user, who possesses the cryptographic key, through the process of decryption. A method of encryption and decryption is called a cipher. Some cryptographic methods rely on the secrecy of the algorithms.
There are two classes of key-based algorithms,
English for Special Purposes
symmetric (or secret-key) and asymmetric (or public-key) algorithms. The difference is that symmetric algorithms use the same key for encryption and decryption (or the decryption key is easily derived from the encryption key), whereas asymmetric algorithms use a different key for encryption and decryption, and the decryption key cannot be derived from the encryption key.
Symmetric algorithms can be divided into stream ciphers and block ciphers. Stream ciphers can encrypt a single bit of plaintext at a time, whereas block ciphers take a number of bits and encrypt them as a single unit.
Asymmetric ciphers (also called public-key algorithms or public-key cryptography) permit the encryption key to be public, allowing anyone to encrypt with the key but only a proper recipient (who knows the decryption key) can decrypt the message. The encryption key is also called the public key and the decryption key the private key or secret key.
Cryptography is used in information security to protect information by hiding it from unauthorized or accidental disclosure while the information is in transit (either electronically or physically) and while information is in
storage.
Steganography is the art and science of writing hidden
messages and no one, apart from the sender and intended recipient, suspects the existence of the message. It is a form of security through obscurity.
The advantage of steganography over cryptography alone is that messages do not attract attention to themselves. Plainly visible encrypted messages – no matter how unbreakable – will arouse suspicion, and
may be incriminating in countries where encryption is illegal. Therefore, whereas cryptography protects the
contents of a message, steganography can be said to
protect both messages and communicating parties.
It includes the concealment of information within computer files. In digital steganography, electronic communications may include steganographic coding inside of a transport layer, such as a document file, image file, program or protocol. Media files are ideal for steganographic transmission because of their large size. As a simple example, a sender might start with an
innocuous image file and adjust the color of every 100th pixel to correspond to a letter in the alphabet, a change is so subtle that someone not specifically looking for it is
unlikely to notice it.
Digital steganography techniques include concealing messages within the lowest bits of noisy images or sound
Computer Engineering 105
files. The data to be concealed within encrypted or random data is first encrypted before being used to overwrite part of a much larger block of encrypted data or a block of random data. Messages can also be concealed in tampered executable files; pictures are embedded in video material (optionally played at slower or faster speed).
Content-Aware Steganography hides information in the semantics a human user assigns to a datagram. These systems offer security against a non-human adversary/warden.
In Blog-Steganography messages are fractionalized and the (encrypted) pieces are added as comments of orphaned web-logs (or pin boards on social network platforms). In this case the selection of blogs is the symmetric key that sender and recipient are using; the carrier of the hidden message is the whole blogosphere. In Voice-over-IP conversations messages can be concealed in delayed or corrupted packets normally ignored by the receiver, or in unused header fields.
18.Read the text again and find the definitions of the following terms:
network security ____________________________
__________________________________________
information security _________________________
__________________________________________
one factor authentication _____________________
__________________________________________
two factor authentication_____________________
__________________________________________
three factor authentication ___________________
__________________________________________
cryptography _______________________________
encryption _________________________________
decryption _________________________________
cipher ____________________________________
symmetric algorithm _________________________
__________________________________________
asymmetric algorithm ________________________
__________________________________________
stream cipher ______________________________
block cipher ________________________________
steganography _____________________________
19.Summarize the general ideas of text.
English for Special Purposes
106 Computer Engineering
WRITING: Computer crimes prevention
20. There is a variety of security measures that can be used to protect hardware and software, including controlling physical access to hardware and software, backing up data and programs, using passwords, installing firewall, encrypting data, etc. Many of them have been mentioned in this unit. Cover the material of Unit 10, choose a computer crime and work out a list of measures to prevent this crime. It can be done in the form of an article with the title “Ten tips to prevent…”. Afterwards you can discuss your articles in class. Use the material from Supplementary reading section and the following discourse markers to help you.
Focusing on the main |
What is the main problem? |
problem / issue |
What is the real issue (here)? |
|
(I think) the major problem is . . . |
|
Our primary concern is . . . |
|
(As I see it), the most important thing is . . . |
|
The main problem we need to solve is . . . |
|
We really need to take care of . . . |
|
It all comes down to this: … |
|
|
Asking for input |
What should we do about it? |
|
What needs to be done? |
|
What do you think we should do? |
|
What are we going to do about it? |
|
|
Making |
I recommend that . . . |
recommendations |
I suggest that . . . |
|
I would pke to propose that . . . |
|
Why don't we . . . |
|
|
SPEAKING: Computer security
21. Prepare a report and take part in a round table discussion on the topic “Computer security”. The Supplementary reading section may help you.
Topics for discussion: History of computer security and cryptography, information theory, number theory; Data Encryption Standard, Ciphers; Encryption on a network, key management; Access control models, mechanisms; malicious logic, denial of service, covert channels; Security architecture; Hardware mechanisms that protect computers and data; Secure operating systems; Secure coding; Computer crimes.
English for Special Purposes
|
|
|
|
|
Computer Engineering |
107 |
||
Grammar files |
|
|
|
|
|
|||
|
|
|
|
|
|
|
||
|
1. ACTIVE/PASSIVE VOICE |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Active tenses |
|
Affirmative sentence |
Negative sentence |
Interrogative sentence |
|
|
|
|
Present simple |
|
I (you, we, they) load the |
I don’t load the computer |
Do you load the computer |
|
|
|
|
|
|
computer every day. |
every day. |
every day? |
|
|
|
|
|
|
She (he, it) loads the |
She doesn’t load the |
Does she load the |
|
|
|
|
|
|
computer every day. |
computer every day. |
computer every day? |
|
|
|
|
Present continuous |
|
I am loading the |
I am not loading the |
Am I loading the |
|
|
|
|
|
|
computer. |
computer. |
computer? |
|
|
|
|
|
|
You (we, they) are loading |
You are not loading the |
Are they loading the |
|
|
|
|
|
|
the computer. |
computer. |
computer? |
|
|
|
|
|
|
He (he, it) is loading the |
He is not loading the |
Is she loading the |
|
|
|
|
|
|
computer. |
computer. |
computer? |
|
|
|
|
Present perfect simple |
|
I (you, we, they) have |
I have not loaded the |
Have you loaded the |
|
|
|
|
|
|
loaded the computer. |
computer. |
computer? |
|
|
|
|
|
|
She (he, it) has loaded the |
She has not loaded the |
Has he loaded the |
|
|
|
|
|
|
computer. |
computer. |
computer? |
|
|
|
|
Past simple |
|
I loaded the computer |
I did not load the |
Did you load the |
|
|
|
|
|
|
|
computer. |
computer? |
|
|
|
|
Past continuous |
|
I (she, he, it) was loading |
I was not loading the |
Was she loading the |
|
|
|
|
|
|
the computer. |
computer. |
computer? |
|
|
|
|
|
|
You (we, they) were |
They were not loading the |
Were you loading the |
|
|
|
|
|
|
loading the computer. |
computer. |
computer? |
|
|
|
|
Past perfect |
|
I had loaded the |
They had not loaded the |
Had you loaded the |
|
|
|
|
|
|
computer. |
computer. |
computer? |
|
|
|
|
Future simple |
|
I will load the computer. |
We will not load the |
Will you load the |
|
|
|
|
|
|
|
computer. |
computer? |
|
|
|
|
Future continuous |
|
I will be loading the |
She will not be loading the |
Will they be loading the |
|
|
|
|
|
|
computer. |
computer. |
computer? |
|
|
|
|
Future perfect |
|
I will have loaded the |
We will not have loaded |
Will she have loaded the |
|
|
|
|
|
|
computer |
the computer. |
computer? |
|
|
|
|
Future perfect continuous |
|
I will have been loading |
They will not have been |
Will you have been |
|
|
|
|
|
|
the computer. |
loading the computer. |
loading the computer? |
|
|
|
|
|
|
|
|
|
|||
|
Passive tenses |
|
Simple sentence |
Negative sentence |
Interrogative sentence |
|
|
|
|
Present simple |
|
The computer is loaded by |
The computer is not |
Is the computer loaded by |
|
|
|
|
|
|
me. |
loaded by me. |
me? |
|
|
|
|
Present continuous |
|
The computer is being |
The computer is not being |
Is the computer being |
|
|
|
|
|
|
loaded by me. |
loaded by me. |
loaded by me? |
|
|
|
|
Present perfect simple |
|
The computer has been |
The computer has not |
Has the computer been |
|
|
|
|
|
|
loaded by me. |
been loaded by me. |
loaded by me? |
|
|
|
|
Past simple |
|
The computer was loaded |
The computer was not |
Was the computer loaded |
|
|
|
|
|
|
by me. |
loaded by me. |
by me? |
|
|
|
|
Past continuous |
|
The computer was being |
The computer was not |
Was the computer being |
|
|
|
|
|
|
loaded by me. |
being loaded by me. |
loaded by me? |
|
|
|
|
Past perfect |
|
The computer had been |
The computer hadn’t been |
Had the computer been |
|
|
|
|
|
|
loaded by me. |
loaded by me. |
loaded by me? |
|
|
|
|
Future simple |
|
The computer will be |
The computer won’t be |
Will the computer be |
|
|
|
|
|
|
loaded by me. |
loaded by me. |
loaded by me? |
|
|
English for Special Purposes