ARBA MINCH UNIVERSITY

INSTITUTE OF TECHNOLOGY
OPERATING SYSTEM
Group Assignment (I) & (II)

DEPARTMENT: INFORMATION TECHNOLOGY

NAME: ID. NO :
1. AREGAHAGN DESTA ……………………........ NSR/329/13

2. ABDI TAJU………………………………………...NSR/020/13
3. NIHAL MUSA.........................................................NSR/1910/13

INSTRUCTOR: Mr DAWIT

SUBMISSION DATE: 27 - 02 - 2023

ASSIGNMENT ONE
1. First come first serve (FCFS) scheduling of implementation
First come first serve (FCFS) scheduling algorithm simply schedules the jobs according
to their arrival time. The job which comes first in the ready queue will get the CPU first.
The lesser the arrival time of the job, the sooner will the job get the CPU. FCFS
scheduling may cause the problem of starvation if the burst time of the first process is the
longest among all the jobs.
/* Simple C++ program for implementation
of FCFS scheduling */

#include<iostream>

using namespace std;

// function to find the waiting time for all processes

void findWaitingTime(int processes[], int n, int bt[], int wt[])
{
// waiting time for first process will be 0
wt[0] = 0;

// calculating waiting time

for (int i = 1; i < n ; i++)
{
wt[i] = bt[i-1] + wt[i-1];
}
}

// function to calculate turn around time

void findTurnAroundTime( int processes[], int n, int bt[], int wt[], int tat[])
{
// calculating turnaround time by adding
// bt[i] + wt[i]
for (int i = 0; i < n ; i++)
{
tat[i] = bt[i] + wt[i];
}
}

// function to calculate average time

void findAverageTime( int processes[], int n, int bt[])
{
int wt[n], tat[n], total_wt = 0, total_tat = 0;

// function to find waiting time of all processes

findWaitingTime(processes, n, bt, wt);

// function to find turn around time for all processes

findTurnAroundTime(processes, n, bt, wt, tat);

// display processes along with all details

cout << "Processes "<< " Burst time "<< " Waiting time " << " Turn around time\n";

// calculate total waiting time and total turn around time

for (int i = 0; i < n; i++)
{
total_wt = total_wt + wt[i];
total_tat = total_tat + tat[i];
cout << " " << i+1 << "\t\t" << bt[i] <<"\t "<< wt[i] <<"\t\t " << tat[i] <<endl;
}
 cout << "Average waiting time = "<< (float)total_wt / (float)n;
cout << "\nAverage turn around time = "<< (float)total_tat / (float)n;
}

// main function
int main()
{
// process ids
int processes[] = { 1, 2, 3, 4};
int n = sizeof processes / sizeof processes[0];

// burst time of all processes

int burst_time[] = {21, 3, 6, 2};

findAverageTime(processes, n, burst_time);

return 0;
}
Output:
Processes Burst time Waiting time Turn around time
1 21 0 21
2 3 21 24
3 6 24 30
4 2 30 32
Average waiting time = 18.75
Average turn around time = 26.75

2. SJF scheduling algorithm of implementation

Till now, we were scheduling the processes according to their arrival time (in FCFS
scheduling). However, SJF scheduling algorithm, schedules the processes according to their
burst time.
In SJF scheduling, the process with the lowest burst time, among the list of available
processes in the ready queue, is going to be scheduled next.
However, it is very difficult to predict the burst time needed for a process hence this
algorithm is very difficult to implement in the system.

// c++ program to implement Shortest Job first

#include<bits/stdc++.h>

using namespace std;

struct Process
{
int pid; // process ID
int bt; // burst Time
};

/*
this function is used for sorting all
processes in increasing order of burst time
*/
bool comparison(Process a, Process b)
{
return (a.bt < b.bt);
}

// function to find the waiting time for all processes

void findWaitingTime(Process proc[], int n, int wt[])
{
// waiting time for first process is 0
wt[0] = 0;

// calculating waiting time

for (int i = 1; i < n ; i++)
{
wt[i] = proc[i-1].bt + wt[i-1] ;
}
}

// function to calculate turn around time

void findTurnAroundTime(Process proc[], int n, int wt[], int tat[])
{
// calculating turnaround time by adding bt[i] + wt[i]
for (int i = 0; i < n ; i++)
{
tat[i] = proc[i].bt + wt[i];
}
}

// function to calculate average time

void findAverageTime(Process proc[], int n)
{
int wt[n], tat[n], total_wt = 0, total_tat = 0;

// function to find waiting time of all processes

findWaitingTime(proc, n, wt);

// function to find turn around time for all processes

 findTurnAroundTime(proc, n, wt, tat);

// display processes along with all details

cout << "\nProcesses "<< " Burst time "
<< " Waiting time " << " Turn around time\n";

// calculate total waiting time and total turn around time

for (int i = 0; i < n; i++)
{
total_wt = total_wt + wt[i];
total_tat = total_tat + tat[i];
cout << " " << proc[i].pid << "\t\t"
<< proc[i].bt << "\t " << wt[i]
<< "\t\t " << tat[i] <<endl;
}

cout << "Average waiting time = "

<< (float)total_wt / (float)n;
cout << "\nAverage turn around time = "
<< (float)total_tat / (float)n;
}

// main function
int main()
{
Process proc[] = {{1, 21}, {2, 3}, {3, 6}, {4, 2}};
int n = sizeof proc / sizeof proc[0];

// sorting processes by burst time.

sort(proc, proc + n, comparison);
 cout << "Order in which process gets executed\n";
for (int i = 0 ; i < n; i++)
{
cout << proc[i].pid <<" ";
}

findAverageTime(proc, n);

return 0;
}

Output:
Order in which process gets executed
4231
Processes Burst time Waiting time Turn around time
4 2 0 2
2 3 2 5
3 6 5 11
1 21 11 32

Average waiting time = 4.5

Average turn around time = 12.5
3. Round Robin scheduling algorithm and implementation

Round Robin scheduling algorithm is one of the most popular scheduling algorithm
which can actually be implemented in most of the operating systems. This is the pre-
emptive version of first come first serve scheduling. The Algorithm focuses on Time
Sharing. In this algorithm, every process gets executed in a cyclic way. A certain time
slice is defined in the system which is called time quantum. Each process present in
the ready queue is assigned the CPU for that time quantum, if the execution of the
process is completed during that time then the process will terminate else the process
will go back to the ready queue and waits for the next turn to complete the execution.
//Learnprogramo - programming made Simple
// C++ program for implementation of RR scheduling
#include<iostream>
using namespace std;
// Function to find the waiting time for all
// processes
void findWaitingTime(int processes[], int n,
int bt[], int wt[], int quantum)
{
// Make a copy of burst times bt[] to store remaining
// burst times.
int rem_bt[n];
for (int i = 0 ; i < n ; i++)
rem_bt[i] = bt[i];
int t = 0; // Current time
// Keep traversing processes in round robin manner
// until all of them are not done.
while (1)
{
bool done = true;
// Traverse all processes one by one repeatedly
for (int i = 0 ; i < n; i++)
{
// If burst time of a process is greater than 0
// then only need to process further
if (rem_bt[i] > 0)
{
done = false; // There is a pending process
if (rem_bt[i] > quantum)
 {
// Increase the value of t i.e. shows
// how much time a process has been processed
t += quantum;
// Decrease the burst_time of current process
// by quantum
rem_bt[i] -= quantum;
}
// If burst time is smaller than or equal to
// quantum. Last cycle for this process
else
{
// Increase the value of t i.e. shows
// how much time a process has been processed
t = t + rem_bt[i];
// Waiting time is current time minus time
// used by this process
wt[i] = t - bt[i];
// As the process gets fully executed
// make its remaining burst time = 0
rem_bt[i] = 0;
}
}
}
// If all processes are done
if (done == true)
break;
}
}
// Function to calculate turn around time
void findTurnAroundTime(int processes[], int n,
int bt[], int wt[], int tat[])
{
// calculating turnaround time by adding
// bt[i] + wt[i]
for (int i = 0; i < n ; i++)
tat[i] = bt[i] + wt[i];
}
// Function to calculate average time
void findavgTime(int processes[], int n, int bt[],
int quantum)
{
int wt[n], tat[n], total_wt = 0, total_tat = 0;
// Function to find waiting time of all processes
findWaitingTime(processes, n, bt, wt, quantum);
// Function to find turn around time for all processes
findTurnAroundTime(processes, n, bt, wt, tat);
// Display processes along with all details
cout << "Processes "<< " Burst time "
<< " Waiting time " << " Turn around time\n";
// Calculate total waiting time and total turn
// around time
for (int i=0; i<n; i++)
{
total_wt = total_wt + wt[i];
total_tat = total_tat + tat[i];
cout << " " << i+1 << "\t\t" << bt[i] <<"\t "
<< wt[i] <<"\t\t " << tat[i] <<endl;
}
cout << "Average waiting time = "
 << (float)total_wt / (float)n;
cout << "\nAverage turn around time = "
<< (float)total_tat / (float)n;
}
int main()
{
// process id's
int processes[] = { 1, 2, 3};
int n = sizeof processes / sizeof processes[0];
// Burst time of all processes
int burst_time[] = {10, 5, 8};
// Time quantum
int quantum = 2;
findavgTime(processes, n, burst_time, quantum);
return 0;
}

output:

Processes Burst time Waiting time Turn around time

1 10 13 23
2 5 10 15
3 8 13 21
Average waiting time = 12
Average turnaround time = 19.6667

4. Banker algorithm and implementation (bonus mark)

I) For single resource
// Banker's Algorithm
#include <iostream>
using namespace std;
int main()
{
// P0, P1, P2, P3, P4 are the Process names here

int n, m, i, j, k;
n = 5; // Number of processes
m = 3; // Number of resources
int alloc[5][3] = { { 0, 1, 0 }, // P0 // Allocation Matrix
{ 2, 0, 0 }, // P1
{ 3, 0, 2 }, // P2
{ 2, 1, 1 }, // P3
{ 0, 0, 2 } }; // P4

int max[5][3] = { { 7, 5, 3 }, // P0 // MAX Matrix

{ 3, 2, 2 }, // P1
{ 9, 0, 2 }, // P2
{ 2, 2, 2 }, // P3
{ 4, 3, 3 } }; // P4

int avail[3] = { 3, 3, 2 }; // Available Resources

int f[n], ans[n], ind = 0;

for (k = 0; k < n; k++) {
f[k] = 0;
}
int need[n][m];
for (i = 0; i < n; i++) {
for (j = 0; j < m; j++)
need[i][j] = max[i][j] - alloc[i][j];
}
int y = 0;
for (k = 0; k < 5; k++) {
for (i = 0; i < n; i++) {
if (f[i] == 0) {

int flag = 0;
for (j = 0; j < m; j++) {
if (need[i][j] > avail[j]){
flag = 1;
break;
}
}

if (flag == 0) {
ans[ind++] = i;
for (y = 0; y < m; y++)
avail[y] += alloc[i][y];
f[i] = 1;
}
}
}
}

int flag = 1;

// To check if sequence is safe or not

for(int i = 0;i<n;i++)
{
if(f[i]==0)
 {
flag = 0;
cout << "The given sequence is not safe";
break;
}
}

if(flag==1)
{
cout << "Following is the SAFE Sequence" << endl;
for (i = 0; i < n - 1; i++)
cout << " P" << ans[i] << " ->";
cout << " P" << ans[n - 1] <<endl;
}

return (0);
}
Output
Following is the SAFE Sequence
P1 -> P3 -> P4 -> P0 -> P2

II) For single resource

BANKER'S ALGORITHM
The banker's algorithm is a resource allocation and deadlock avoidance algorithm that tests
for safety by simulating the allocation for predetermined maximum possible amounts of all
resources, then makes an 's-state' check to test for possible activities, before deciding whether
allocation should be allowed to continue.
The Banker's algorithm got its name because it could be used in a banking system to ensure
that the bank never allocated its available cash in such a way that it could no longer satisfy
the needs of all its
customers.
Properties -
Multiple instances
Each process must a priori claim maximum use
When a process requests a resource it may have to wait
When a process gets all its resources it must return them in a finite amount of time
CODE :-

#include<bits/stdc++.h>
using namespace std;

int allocation[10][3],need[10][3],Max[10][3],available[10][3];
int p,current[3];
bool executed[10],come;
void IMP(){
come=false;
for (int i = 0; i < 10; ++i)
{
executed[i]=false;
}
}
void Calculate(){
IMP();
int i,j;
for (i = 0; i < p; ++i)
{
for (j = 0; j < p; ++j)
{
while(executed[j] && j<p-1){
j++;
}
 if (need[j][0]<=current[0]&&need[j][1]<=current[1]&&need[j]
[2]<=current[2])
{
if (!executed[j])
{
executed[j]=true;
current[0]+=allocation[j][0];current[1]+=allocation[j]
[1];current[2]+=allocation[j][2];
cout<<"\nProcess P"<<j+1;
cout<<"\nCurrent: "<<current[0]<<" "<<current[1]<<"
"<<current[2]<<"\n";
cout<<"\nProcess executed without deadlock";
come=true;
break;
}
}
}
if (!come)
{
cout<<"\n Dead lock\n\n";
break;
}else{
come=false;
}
}
}

int main (){

int keepon = 1;
cout<<"Enter No. of processes: ";
cin>>p;
 cout<<"\n";
cout<<"Enter the current resources: ";
cin>>current[0]>>current[1]>>current[2];
for (int i = 0; i < p; ++i)
{
cout<<"\n\n Process P"<<i+1<<" Details\n";
cout<<"Enter Allocation : ";
cin>>allocation[i][0]>>allocation[i][1]>>allocation[i][2];
cout<<"Enter Max :";
cin>>Max[i][0]>>Max[i][1]>>Max[i][2];
need[i][0]=Max[i][0]-allocation[i][0];need[i][1]=Max[i][1]-allocation[i]
[1];need[i][2]=Max[i][2]-allocation[i][2];
}
cout<<"\n\n Table for Bankers Algo\n\n";
cout<<"Initial Resources: "<<current[0]<<" "<<current[1]<<" "<<current[2]<<"\n\n";
cout<<"Process Max Allocation Need\n";
for (int i = 0; i < p; ++i)
{
cout<<" P"<<i+1<<" ";
cout<<" "<<Max[i][0]<<" "<<Max[i][1]<<" "<<Max[i][2]<<" ";
cout<<" "<<allocation[i][0]<<" "<<allocation[i][1]<<" "<<allocation[i][2]<<"
";
cout<<" "<<need[i][0]<<" "<<need[i][1]<<" "<<need[i][2];
cout<<"\n";
}
cout<<"\n\n";
Calculate();
while(keepon){
int val,pro;
cout<<"\n\nSelect Below oprations:\n\n";
cout<<"1.Change Max of process: \n";
 cout<<"2.Change Allocation of process\n";
cout<<"3.Change Initial Resources\n";
cout<<"4.Exit\n\n";
cin>>val;
if (val==1)
{
cout<<"\n\nEnter Process No: ";
cin>>pro;
cout<<"\nEnter New Max: ";
cin>>Max[pro-1][0]>>Max[pro-1][1]>>Max[pro-1][2];
}
else if (val==2)
{
cout<<"\n\nEnter Process No: ";
cin>>pro;
cout<<"\nEnter New Allocation: ";
cin>>allocation[pro-1][0]>>allocation[pro-1][1]>>allocation[pro-1]
[2];
}
else if (val==3)
{
cout<<"\nEnter Initial Resources: ";
cin>>current[0]>>current[1]>>current[2];
}
else{
break;
}
Calculate();
}
return 0;
}
ASSIGNMENT TWO
1. Difference Between Security and Protection
Security:
The security systems covers the safety of their system resources (saved data,
memory, disks, etc) across malignant alteration, illegal access, and disparity or
inconsistency. The security gives a mechanism (authentication and encryption) to
analyze the user to permit for using the system.

For example, in a corporation that the info is obtained by completely different

workers however, it can’t be obtained by a user that doesn’t exist in this explicit
organization or a user operating in different business enterprises. Security is the
vital task for a corporation to provide some safety mechanism in order that no
outside user will access the knowledge of the organization.

Protection:
Protection deals with the access to the system resources. It determines that what
files can be accessed or permeated by a special user. The protection of the system
should confirm the approval of the process and users. Due to this, these licensed
users and processes will care for the central processing unit, memory and
alternative sources. The protection mechanism ought to provide a path for
specifying the controls to be obligatory, beside how of implementing them.

Example of protection can be given from the security, any organization will have
many departments below that several staff operate. the assorted departments will
share frequent info with one another however not sensitive info. So, completely
different employees have different access rights the info in step with that they
will access the define data.
S.No Comparison based on Security Protection

1 Basic Security grants the While protection

system access the deals with the
appropriate users access to the
only. system resources

2 Types of threats involved of In security While in protection

the system external threats ,internal threats
are involved are involved

3 Queries handle In security more Whereas in

convoluted queries protection simple
are handled queries are
handled

4 Policy Security illustrate Whereas

that which person protection
is granted for determines that
using the system what files can be
accessed or
permeated by a
special user

5 Mechanism In security Whereas in

encryption and protection
certification authorized
(authentication) mechanism is
mechanisms are implemented
used
The goals & principles of protection:
Goals of Protection
Operating system consists of a collection of objects, hardware or software. Each
object has a unique name and can be accessed through a well-defined set of
operations.

Protection problem - ensure that each object is accessed correctly and only by
those processes that are allowed to do so.

 Obviously to prevent malicious misuse of the system by users or programs.

 To ensure that each shared resource is used only in accordance with system
policies, which may be set either by system designers or by system
administrators.

 To ensure that errant programs cause the minimal amount of damage possible.

 Note that protection systems only provide the mechanisms for enforcing
policies and ensuring reliable systems. It is up to administrators and users to
implement those mechanisms effectively.

Principles of Protection
Programs, users and systems should be given just enough privileges to perform
their tasks

 The principle of least privilege dictates that programs, users, and systems be
given just enough privileges to perform their tasks.

 This ensures that failures do the least amount of harm and allow the least of
harm to be done.

 For example, if a program needs special privileges to perform a task, it is

better to make it a SGID program with group ownership of "network" or
"backup" or some other pseudo group, rather than SUID with root ownership.
This limits the amount of damage that can occur if something goes wrong.

 Typically each user is given their own account, and has only enough privilege
to modify their own files.

 The root account should not be used for normal day to day activities – The
System Administrator should also have an ordinary account, and reserve use of
the root account for only those tasks which need the root privileges
2. Explain the following security problems (violations of security)
independently?
 Masquerading(man in the middle attack)
A masquerade attack is an attack that uses a fake identity, such as a network
identity, to gain unauthorized access to personal computer information through
legitimate access identification. If an authorization process is not fully protected,
it can become extremely vulnerable to a masquerade attack.

Masquerade attacks can be perpetrated using stolen passwords and logons, by

locating gaps in programs, or by finding a way around the authentication
process. The attack can be triggered either by someone within the organization
or by an outsider if the organization is connected to a public network. The
amount of access masquerade attackers get depends on the level of authorization
they've managed to attain. As such, masquerade attackers can have a full
smorgasbord of cybercrime opportunities if they’ve gained the highest access
authority to a business organization. Personal attacks, although less common,
can also be harmful.

Theft of Services
Theft of services is a crime that refers to using a service without paying for it.
This is a common charge among people who do not have lengthy criminal
records, because there are many ways to commit theft of service without even
realizing it. Many people charged with theft of service are law-abiding citizens,
or people who simply made a mistake. Fortunately, the charge is often dismissed,
and can be expunged from one’s criminal record.

Theft of service often occurs accidentally, through miscommunication, or

because people do not know the action is a form of theft. Also, a theft of service
charge may be brought against people who are financially unable to pay for a
service they received. Some examples of actions that can be considered theft of
service are:

Riding a train, bus, or subway without purchasing a pass

Using utilities or telecommunication services without paying

Neglecting to pay for medical treatment

Failure to pay for landscaping, repair, or construction services

Theft of service is usually misdemeanor, but if the service was worth a lot of
money, as with medical services or construction work, it could be considered a
felony. However, there are some valid reasons not to pay for services, in which
case a theft of service charge may be successfully contested. For very minor
offenses, it may even be dismissed.

 DOS and DDOS attacks

In Computing a denial-of-service attack  (DoS attack) is a Cyber – attack in
which the perpetrator seeks to make a machine or network resource unavailable
to its intended users by temporarily or indefinitely disrupting Services of
a host connected to a network. Denial of service is typically accomplished by
flooding the targeted machine or resource with superfluous requests in an
attempt to overload systems and prevent some or all legitimate requests from
being fulfilled.

In a distributed denial-of-service attack (DDoS attack), the incoming traffic

flooding the victim originates from many different sources. More sophisticated
strategies are required to mitigate this type of attack, as simply attempting to
block a single source is insufficient because there are multiple sources.

A DoS or DDoS attack is analogous to a group of people crowding the entry door
of a shop, making it hard for legitimate customers to enter, thus disrupting trade.

Criminal perpetrators of DoS attacks often target sites or services hosted on

high-profile web server  such as banks or credit  Revenge, blackmail and
hacktivism  can motivate these attacks.

Computer is used to flood a server with TCP and UDP packets. A DDoS attack is
where multiple systems target a single system with a DoS attack.

How does a DoS attack or DDoS attack work?

As the server is flooded with more Transmission Control Protocol/User

Datagram Protocol (TCP/UDP) packets than it can process, it may crash, the
data may become corrupted, and resources may be misdirected or even
exhausted to the point of paralyzing the system.
 Breach of confidentiality, integrity and availability
Confidentiality, integrity and availability, also known as the CIA triad, is a
model designed to guide policies for information security within an organization.
The model is also sometimes referred to as the AIC triad (availability, integrity
and confidentiality) to avoid confusion with the Central Intelligence Agency.
Although elements of the triad are three of the most foundational and crucial
cyber security needs, experts believe the CIA triad needs an upgrade to stay
effective.

In this context, confidentiality is a set of rules that limits access to

information, integrity is the assurance that the information is trustworthy and
accurate, and availability is a guarantee of reliable access to the information by
authorized people.

Confidentiality, integrity, availability

The following is a breakdown of the three key concepts that form the CIA triad:

Confidentiality is roughly equivalent to privacy. Confidentiality measures are

designed to prevent sensitive information from unauthorized access attempts. It
is common for data to be categorized according to the amount and type of
damage that could be done if it fell into the wrong hands. More or less stringent
measures can then be implemented according to those categories.

Integrity involves maintaining the consistency, accuracy and trustworthiness of

data over its entire lifecycle. Data must not be changed in transit, and steps must
be taken to ensure data cannot be altered by unauthorized people (for example,
in a breach of confidentiality).

Availability means information should be consistently and readily accessible for

authorized parties. This involves properly maintaining hardware and technical
infrastructure and systems that hold and display the information.
Breach of Confidentiality, Integrity, and Availability: A breach of confidentiality
refers to any incident that results in an unintentional disclosure or destruction of
sensitive data. A breach of integrity occurs when data is modified or deleted in a
way that does not follow policy guidelines. A breach of availability refers to any
incident that disrupts the expected use or performance level for any protected
asset such as networks, servers or data storage locations. All three types of
breaches lead to a disruption in business operations due to compromised security
measures usually from malicious actors attempting to gain unauthorized access
and this is a violation of security protocols

Reply attack

A replay attack occurs when a cybercriminal eavesdrops on a secure network

communication, intercepts it, and then fraudulently delays or resends it to
misdirect the receiver into doing what the hacker wants. The added danger of
replay attacks is that a hacker doesn't even need advanced skills to decrypt a
message after capturing it from the network. The attack could be successful
simply by resending the whole thing.

3. What are the major difference between the following program

Threats.
Virus:
A virus is a computer code or program, which is capable of affecting your
computer data badly by corrupting or destroying them. Computer virus has the
tendency to make its duplicate copies at a swift pace, and also spread it across
every folder and damage the data of your computer system.

A computer virus is a kind of malicious computer program, which when

executed, replicates itself and inserts its own code, which spreads a harmful virus
in the system. This computer virus ultimately affects the functioning and
programming of the device.
Malware
Malware (short for “malicious software”) is a file or code, typically delivered
over a network, that infects, explores, steals or conducts virtually any behavior
an attacker wants. And because malware comes in so many variants, there are
numerous methods to infect computer systems. Though varied in type and
capabilities, malware usually has one of the following objectives:

Provide remote control for an attacker to use an infected machine.

Send spam from the infected machine to unsuspecting targets.

Investigate the infected user’s local network.

Steal sensitive data.

A logic bomb
Is a set of instructions in a program carrying a malicious payload that can attack
an operating system, program, or network. It only goes off after certain
conditions are met. A simple example of these conditions is a specific date or
time. A more complex example is when an organization fires an employee and
logs their dismissal in their system.

A logic bomb usually carries a computer virus or a computer worm. Even though
some people use the two terms interchangeably, they’re not the types of malware.
Let’s understand the worm vs virus debate better:

A computer virus is a malicious program that spreads by infecting files and

corrupting or deleting data. Computer viruses are handy components of logic
bombs that can be designed by disgruntled employees looking for revenge.

A computer worm is similar to a computer virus but can be more sophisticated.

Unlike a virus, a worm doesn’t need human action to propagate once inside a
network. Additionally, a worm can drop more threatening malware like ransom
ware, rootkits, and spyware

Trojan horse
A Trojan Horse (Trojan) is a type of malware that disguises itself as legitimate
code or software. Once inside the network, attackers are able to carry out any
action that a legitimate user could perform, such as exporting files, modifying
data, deleting files or otherwise altering the contents of the device. Trojans may
be packaged in downloads for games, tools, apps or even software patches. Many
Trojan attacks also leverage social engineering tactics, as well
as spoofing and phishing, to prompt the desired action in the user

Spyware
Spyware (a portmanteau for spying software) is software with malicious
behaviour that aims to gather information about a person or organization and
send it to another entity in a way that harms the user—for example, by violating
their privacy or endangering their device's security. This behaviour may be
present in malware as well as in legitimate software. Websites may engage in
spyware behaviours like web tracking. Hardware devices may also be affected.
[1] Spyware is frequently associated with advertising and involves many of the
same issues. Because these behaviors are so common, and can have non-harmful
uses, providing a precise definition of spyware is a difficult task.[2]

4. What is the difference between asymmetric and symmetric

encryption? Give 2 examples for each.
Symmetric Key Encryption: Encryption is a process to change the form of
any message in order to protect it from reading by anyone. In Symmetric-key
encryption the message is encrypted by using a key and the same key is used to
decrypt the message which makes it easy to use but less secure. It also requires a
safe method to transfer the key from one party to another.

Asymmetric Key Encryption: Asymmetric Key Encryption is based on

public and private key encryption techniques. It uses two different key to encrypt
and decrypt the message. It is more secure than the symmetric key encryption
technique but is much slower
Symmetric key encryption Asymmetric key encryption

It only requires a single key for both It requires two keys, a public key and a
encryption and decryption private key, one to encrypt and the
other one to decrypt.

The size of cipher text is the same or The size of cipher text is the same or
smaller than the orjinal plain text larger than the original plain tex

The encryption process is very fast The encryption process is slow

It is used when a large amount of data It is used to transfer small amounts of

is required to transfer data.

It only provide confidential It provides confidentiality, authenticity,

and non-repudiation

The length of key used is 128 or 256 The  length of key used is 2048 or
bits higher

In symmetric key encryption, resource In asymmetric key encryption,

utilization is low as compared to resource utilization is high.
asymmetric key encryption.

It is efficient as it is used for handling It is comparatively less efficient as it

large amount of data. can handle a small amount of data.

Security is less as only one key is used It is more secure as two keys are used
for both encryption and decryption here- one for encryption and the other
purpose. for decryption

The Mathematical Representation is as The Mathematical Representation is as

follows- follows-

P = D (K, E(P)) P = D(Kd, E (Ke,P))

where K –> encryption and decryption where Ke –> encryption key

key
Kd –> decryption key
P –> plain text
D –> Decryption
D –> Decryption
E(Ke, P) –> Encryption of plain text
E(P) –> Encryption of plain text using encryption key Ke . P –> plain
text