Creating a Secure Computer Virus Laboratory

Laboratory Protocol

Our laboratory protocol to regulate behavior in the laboratory was initially based on biohazard protocols (Health Canada, 2001); biologists and chemists have had decades of experience working with dangerous substances, and it is only prudent to build on their experience. Obviously, the analogy breaks down after a certain point, but there were a number of things to be learned about laboratory access, operation, and personnel training.

Since the contagions of concern in the computer virus lab are electronic, we had to add a number of provisions with respect to media handling, and any means of electronic transmission, both wired and wireless. Our initial thought was to let students bring media into the lab, so long as it was not brought out again, to allow material researched on the Internet to be brought in, but after negative reviewer feedback we scrapped this idea. Printouts were also contentious, in two ways: first, that we were allowing them to be made at all; second, how they were to be handled by students. We eventually clarified the protocol to specify how printouts should be handled, but still allowed them to be made – at the very least, printouts can be useful for debugging purposes.

The final lab protocol is given in the Appendix. The provision dealing with laboratory entry, where people have to enter individually, is taken from our observations of airport security. Disallowing ‘tailgating’ gives us an electronic card key entry record for each person, in case a later audit is necessary.

The lab protocol includes mention of technical staff and the course instructor, and this is deliberate. While the laboratory was active, even these people were subject to the laboratory protocol. The behavioral safeguards established by the laboratory protocol are meaningless unless everyone adheres to them. Indeed, the first author (as the course instructor) religiously removed his cell phone upon entry to the laboratory and was seen by the students to be doing so. This type of action is vital to underscore the seriousness of the protocol.

Download file here

Posts Related to Creating a Secure Computer Virus Laboratory

Food Poisoning
Levels of food poisoning The Public Health Laboratory Service (PHLS) maintains a database of food poisoning cases across England and Wales. Campylobacter is responsible for ...
Cisco Service Control Application for Broadband Reference Guide
This preface describes who should read the Cisco Service Control Application for Broadband Reference Guide, how it is organized, its document conventions, and how to ...
Windows 7 Security
Description: This week, Steve and Leo discuss the changes, additions and enhancements Microsoft has made to the security of their forthcoming release of Windows 7. ...
Topology Dynamics in a P2PTV Network
Abstract. In recent years, a number of commercial peer-to-peer TV (P2PTV) applications have been launched. Yet, their mechanisms and characteristics are unknown. In this paper, ...
Survey and Problem Statement of P2P Streaming
System Architecture and Working Flows of PPLive The PPLive software, running in user computers (peers), has two major communication protocols: (i) a registration and peer ...

Share or Bookmark this post:

Top Manual Guide

Creating a Secure Computer Virus Laboratory

Food Poisoning

Cisco Service Control Application for Broadband Reference Guide

Windows 7 Security

Topology Dynamics in a P2PTV Network

Survey and Problem Statement of P2P Streaming

Leave a Reply

Recent Manual

Manual Categories

Manual Archives