Model essay 1: Countermeasures of computer virus Abstract: With the continuous progress of computer technology, the virus problem has become more and more serious. Viruses, like computer technology, are constantly developing and mutating at a high speed, posing a great threat to computer security. Based on this, we must strengthen the research on computer virus countermeasures to ensure the safety of computer information. This paper discusses the connotation of computer virus countermeasures, and finally analyzes the strategies and methods of computer virus countermeasures from two aspects of virus attack and virus defense.
Keywords: computer virus; Mechanism of action; Virus attack; Virus defense
Computers will not only play a role in the civilian field, but also play a greater role in the military field, which is of great significance to protecting national security. Even some military experts believe that computer warfare will become the most important battlefield in the future, and its important role will exceed live ammunition. As the core of this battlefield without smoke, virus can be used to launch network attacks, and it is also necessary to strengthen the defense against external virus attacks. Virus countermeasure has become the key of computer war. Therefore, we must have a deep understanding of computer viruses and fully grasp their countermeasures in order to take the initiative in this war without smoke.
1 computer virus countermeasure analysis
1. 1 the connotation of confrontation
The so-called computer virus confrontation, the essence of which is computer virus attack and defense technology, can be understood and analyzed from three levels. The first level describes computer viruses, mainly involving the destruction, hiding and spread of computer viruses. The second level is the technology of defending computer virus, which mainly involves the defense, detection and removal of computer virus. The third level is computer virus confrontation, which mainly involves the alternating process of computer virus manufacturing and development. In the confrontation of computer virus, resisting computer virus is the core key, and its main content is to resist the spread, development and destruction of computer virus, thus preventing the further spread and development of computer virus. However, in order to ensure that viruses can pass through a series of defense measures, computer virus makers continue to develop computer virus dissemination and hiding technologies. This series of tit-for-tat interactive activities is called computer virus confrontation.
Characteristic analysis of 1.2
The characteristics of computer virus countermeasures are related to the computer virus itself. First of all, computer virus countermeasures have the characteristics of concealment. Because computer viruses are very concealed, computer virus countermeasures are also carried out in invisible places, which is very concealed and different from other forms of confrontation. Secondly, computer virus countermeasures are interactive. Computer virus confrontation is mainly the confrontation between two different groups. One side mainly makes computer viruses, and the other side defends against computer virus attacks. In some cases, defenders can also use computer viruses to fight back, thus forcing computer virus makers to defend. Therefore, the manufacture and defense of computer viruses coexist, and the improvement of one technology will also promote the improvement of the other technology. Finally, computer virus countermeasures are highly targeted and have a clear purpose, so computer viruses are designed accordingly. The defense of computer virus also has a clear purpose, which can be carried out according to imaginary or real objects. For example, in national security or war, the use of computer viruses to obtain enemy information secrets can be used to crack the enemy's core plans, thus accurately attacking the enemy. Not only that, but also computer viruses can be used to paralyze the enemy's communication network, so that information can not be transmitted in time, thus ensuring that our own side can occupy enough advantages.
2 computer virus countermeasures strategies and methods
2. 1 computer virus attack
Using computer virus to attack is an important aspect of computer virus confrontation. With its multiple functions, viruses can penetrate into enemy computer systems, thus achieving the functions of invasion, theft, destruction and destruction. According to the current actual situation, using computer viruses to launch attacks has become a common means of network warfare. Its core essence is to use computer viruses to control enemy network systems, command systems, communication systems, control systems and weapon systems, and invade enemy computer systems through gateways, bridges, sensors and controllers. In computer virus attacks, there are five common attack modes, namely, radio mode, solidified intrusion, game mode, backdoor attack and data control chain intrusion. Radio mode mainly eliminates the spread of computer viruses through radio transmission, and intercepts the enemy through certain camouflage, thus achieving the purpose of invasion. Although the advantages of radio intrusion are obvious, the technical difficulty is also great. General computer viruses can be directly sent to the enemy through electronic systems, or transmitted as legal data, and mixed with legal data to enter the enemy computer network system. In addition, it is possible to directly drop the weakest information protection of the enemy and invade the unprotected data link. Solidification is mainly to store computer viruses in some hardware devices and then send these hardware devices to the enemy through some specific channels. When the enemy uses these hardware devices, the virus stored in them will invade the computer software system and realize the function of stealing data or destroying the system. However, judging from the current actual situation, the quality level of computer hardware equipment in China is still relatively low, and the core technologies of various hardware equipment have been firmly mastered by other countries. There are certain limitations in using this method to fight computer viruses. Game mode is to attach computer virus programs to some game programs. When the game runs to a certain node or triggers a certain kind of event, these viruses will be activated. Moreover, during the game, it is difficult to find the existence and activities of these viruses, which can increase the time and effectiveness of these viruses in related sabotage activities. Backdoor attack is to use the security backdoor reserved by the computer system itself to inject viruses directly into the computer system from this security backdoor. The commonly used back door attack methods mainly include controllable electric pulses, which inject viruses from the reserved back door of the computer system. The invasion of data control chain mainly uses Internet technology to inject computer virus from the data control chain of C4KISR system. Moreover, the paths of these data links can be easily modified by remote modification technology, and it is easier to become the invasion channel of computer viruses.
2.2 computer virus defense measures
Computer virus defense is divided into two parts: attack and defense, so when defending computer viruses, we should combine the specific attack means of computer viruses and formulate corresponding defense measures. At present, the most commonly used computer virus defense means can be divided into four forms. The first form is a virus protection system. Although there are many kinds of viruses and their mechanisms of action are different, their destructive effects on computer systems are the same. Based on this, we can build a comprehensive virus protection system from the destructive effect of viruses on computer systems, and effectively keep computer viruses out of the system. The computer virus protection system should include six aspects: access control layer, virus detection layer, virus containment layer, virus removal layer, system recovery layer and emergency layer. The second form is hardware security system. Computer hardware may be the carrier of many viruses. Therefore, when defending against computer virus, it is necessary to strengthen the construction of hardware placement system and cut off the way of virus invading computer system from the root. First of all, we should strengthen the control of computer hardware and strictly control the quality and safety. Secondly, efforts should be made to realize the autonomy of computer hardware and reduce dependence on external products. The third form is to build an electromagnetic radiation protection system. Because electromagnetic pulse can be a channel for computer viruses to spread, it is necessary to establish a corresponding protection system when defending against viruses. Electromagnetic shielding can be used to block the propagation of electromagnetic waves and isolate them from computer systems. The fourth form is to establish a security organization, which not only requires strict management of the normal and safe operation of computer systems, but also requires monitoring of computer software and hardware. Not only that, we also need to study the protection measures of computer viruses to improve the comprehensive defense ability of computer systems.
3 Conclusion
With the continuous progress of science and technology, the development of computer field has attracted people's attention. Computer virus countermeasures have become the core content of national defense security in the new period. Therefore, it is necessary to form a deep understanding of computer virus, deeply analyze its connotation and characteristics, strengthen the research on computer virus countermeasures from two aspects of computer virus attack and defense, and continuously improve the ability level of computer virus countermeasures.
refer to
1 he. Advanced technology analysis of computer virus detection [J]. Computer Security, 20 10( 10)
Yang Yuxin. Computer ghost virus and its analysis and prevention thinking [J]. Science and technology communication, 20 12( 1)
3 easy to jump. Computer Virus Prevention and Control in Electronic Countermeasure of Shipborne Command and Control System [J]. Science and Technology Economic Market 2009(5)
Zhang Haiyan, Xiao Dongrong and Shiping Li. Computer Virus Intrusion and Countermeasures [J]. Microcomputer Information, 2008(9)
5 Na Wei. On the Development Trend of Computer Viruses [J]. Science and Technology Entrepreneur, 20 14(8)
On the basis of analyzing the concept and significance of enterprise computer information security, this paper discusses the main threats faced by enterprise computer information security. Finally, from four aspects: strengthening enterprise employees' computer information security education, establishing and perfecting enterprise computer information security management system, establishing and perfecting enterprise computer information security response mechanism, and installing firewall or other intrusion detection systems, this paper focuses on the specific measures to improve enterprise computer information security management, with a view to providing some reference for relevant theoretical research and practical work.
Keywords: enterprise; Computer; Information security work
With the rapid development of social economy and the continuous progress of science and technology, computer network technology has gradually matured, and it has been more and more widely used in various fields of society during the development of the times. The application of computer network technology in enterprise management has brought great convenience to people's life and work, but it can not be ignored that it also poses a certain degree of threat to enterprise information security. Under this background, it is of great practical significance to study many problems of enterprise computer information security.
1 Overview of enterprise computer information security
1. 1 concept of enterprise computer information security
Enterprise computer information security is a kind of security protection technology, which provides services for data processing systems. It not only ensures the security of computer information and data, but also protects the security of computer software and hardware. Generally speaking, protecting enterprise computer information security means protecting the logical security and physical security of enterprise computers. The former mainly refers to the security of information data, and the maintainer of enterprise computer information security should protect the information data inside the enterprise from being destroyed or leaked, and ensure its integrity and rigor; The latter mainly refers to hardware security.
1.2 the importance of maintaining enterprise computer information security
From the current practice of computer information security maintenance in enterprises, due to the loopholes in the internal computer information security maintenance system, there are still many computer security problems such as viruses invading databases, which have brought considerable economic losses and social losses such as intellectual property leakage to enterprises. Generally speaking, computer viruses are spread through electronic files. In addition, the invasion of hackers and the information leakage of insiders are also the reasons that undermine the security of enterprise computer information. There are many reasons for these phenomena, but the main reason is that there are defects in the work of computer information security in enterprises, and enterprises do not know enough about the importance of computer information security in enterprises. Therefore, it is of great practical significance to pay enough attention to enterprise computer information security and take a series of measures to maintain enterprise computer information security.
2 main threats to enterprise computer information security
2. 1 Hardware failure
Computer hardware mainly includes motherboard, memory, network card, graphics card and power supply. And other network devices, such as routers, switches and other transmission devices, may also cause the loss and leakage of information, and even cause the complete paralysis of enterprise computer systems.
2.2 Software failure
As long as computer programs exist, bugs will exist. More seriously, some security software itself has defects and loopholes. In today's popular mainstream operating systems, various new vulnerabilities and Trojan viruses emerge one after another, which pose a serious threat to computer network security and greatly hinder the safe and stable development of enterprises. 2.3 The network itself has problems. In general, computer users in an enterprise are only familiar with their own internal computer operations, and they cannot completely guarantee that every operation is correct and safe for other computer operations. This provides opportunities for criminals to use viruses, Trojans and so on. When computer users in enterprises copy files with ordinary mobile storage devices, it will have an impact on the security of enterprise computer information, and some operational errors in the internal network will spread more widely.
2.4 malicious attacks by hackers
Hackers mainly use two methods to attack enterprise computer information security. First of all, take advantage of the loopholes in the enterprise computer operating system, such as remote access, password management, authority control and so on. Although these have brought great convenience to computer users, the loopholes are easy to be exploited by hackers. Secondly, the defects of TCP/IP protocol itself. Because the original design of this protocol is based on the network of mutual trust, it will have some adverse effects on the safe operation of enterprise computers. Hackers use these vulnerabilities to attack enterprise computer information security.
3 specific measures to improve enterprise computer information security management
3. 1 Strengthen the computer information security education of enterprise employees.
First of all, strengthen the education of enterprise computer information security thought, infiltrate enterprise computer information security thought into employees' daily management and operation, and enhance employees' awareness of its importance. Secondly, organize professional and technical personnel to train enterprise computer users, that is, enterprise employees, in computer information security technology, and impart necessary security protection knowledge to realize the organized and planned development of enterprise computer information security education. Thirdly, hire professional computer network information security protection experts and specialized technicians to give in-depth lectures on computer information security technology to enterprise employees, including computer information encryption, software operation management information protection and so on. , improve the computer information security protection technology of employees in important positions. Finally, strengthen the cultivation of computer information security maintenance talents in enterprises, and provide continuous intellectual support for computer information security work in enterprises. Constantly improve their professional quality, strengthen their sense of confidentiality, so that they always maintain a sense of responsibility.
3.2 establish and improve the enterprise computer information security management system
The management leaders of enterprises should set up special posts, select specialized talents, set up a more formal enterprise computer information security management team or organization, and make a reasonable division of labor among them, and also bring the management leaders of enterprises into the enterprise computer information security management team to realize the organic combination of senior managers and technicians. In this group, we should pay attention to the responsibility to people, with clear responsibilities and detailed responsibilities. Leaders and supervisors, information security personnel, system managers, security technicians, etc. It is the basis of rational division of labor in enterprise computer information security. In addition to the overall enterprise computer information security work within the enterprise, each subordinate department can also formulate a system suitable for its own computer information security work according to the actual situation of the department, and assign special personnel to supervise the implementation. For example, it is not allowed to change or delete the internal data of the enterprise at will, and it is not allowed to accept emails of unknown origin.
3.3 Establish and improve the enterprise computer information security response mechanism.
The response mechanism of enterprise computer information security mainly means that when an incident that hinders enterprise computer information security occurs, enterprise computer information security maintenance personnel need to take remedial measures in time to minimize or even eliminate its adverse effects and restore the normal operation of enterprise computers. For example, in the case of hacking, information theft, abnormal network traffic, etc. Specialized enterprise computer information security maintenance technicians need to investigate and remedy the faults. In order to improve the speed and accuracy of this process, it is necessary to build and improve the enterprise computer information security response mechanism. In the process of construction and continuous improvement, technical experts, business managers, legal advisers and computer end users are all members of the R&D team that need to be included in the enterprise computer information security response mechanism.
3.4 Install a firewall or other intrusion detection system.
Firewall can shield other information except the data information allowed by itself, which has a very obvious security maintenance effect. Firewall integrates multiple functions, which can realize the combination of multiple functions and protect its internal network from network insecurity. Other intrusion detection systems can play a more active role, prevent external intrusion and internal operational errors, deal with external hazards in advance, and reduce the economic and social benefits losses brought to enterprises.
4 conclusion
The computer information security maintainers in enterprises need to devote more time and energy to deeply study and discuss the related problems of computer information security in enterprises' production and operation, so as to improve the quality and level of computer information security in enterprises.
refer to
[1] glory. Analysis and research on enterprise computer information security management strategy [J]. Network security technology and application, 20 14 (7): 27-29.
[2] Xia Mingguang. Research on Computer Information Security of Electric Power Enterprises under Network Environment [J]. Consumer Electronics, 20 14 (24): 183.
[3] Jiao Xinsheng. On computer network information and network security and its protection strategy [J]. Science and technology communication, 201(5):195+193.
Related articles of computer academic papers:
1.
2. Computer academic papers
3. Foreign computer academic papers
4. Computer papers
5. Computer graduation thesis reference book