Computer viruses
-
Upload
imran-khan -
Category
Technology
-
view
5.320 -
download
0
Transcript of Computer viruses
![Page 1: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/1.jpg)
History, Classifications and Structure
PRESENTED BY : IMRAN AHMED KHANUniversity of Texas at Tyler
![Page 2: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/2.jpg)
A computer virus is a computer program that can replicate itself and spread from one computer to another.
A program that alters other programs to include a copy of itself
A computer program able to infect other programs by modifying them to include a
Possibly evolved version of Itself.
![Page 3: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/3.jpg)
Computer virus is a segment of machine code (typically 200-4000 bytes)
Do undesirable things ( damages )
Destructive Software
![Page 4: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/4.jpg)
SearchSearch for the Host program.
CopyCopy itself into the executable program.
Anti-DetectionRoutines to prevent viruses from being detected.
Payload Performs the function(s) for which virus was designed.
![Page 5: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/5.jpg)
Shell virusesA shell virus is one that forms a “shell” around the
original code. In effect, the virus becomes the program, and the original host program becomes an internal subroutine of the viral code.
Add-on virusesThey function by appending their code to the host
code. The add-on virus then alters the startup information of the program, executing the viral code first. The host code is left almost completely untouched
![Page 6: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/6.jpg)
Intrusive virusesIntrusive viruses operate by overwriting some or all
of the original host code with viral code. The replacement might be selective, as in replacing a subroutine with the virus.
![Page 7: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/7.jpg)
As soon as user run the host program which is infected.
Specific date or time. Examining user keystrokes for a specific
sequence. Some random event.
![Page 8: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/8.jpg)
Sample Source Code
![Page 9: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/9.jpg)
Setting up a test machine
Knowledge of all viruses in detail
How it infects executable, what to look for to determine that the executable has been infected.
Knowledge of anti-detection techniques.
![Page 10: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/10.jpg)
First generation: SimpleDo Replication only.Detect easily.Cannot Hide itself. Second generation: Self-recognitionSolved one problem in prior generation viruses.Prevent unnecessary growth of infected files.Use of signature. Third Generation: StealthHide itself from detection.
![Page 11: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/11.jpg)
Fourth Generation: ArmoredAdd confusing and unnecessary code to make it
more difficult to analyze and detect the virus code.
Direct attack against Anti-virus software.
Fifth Generation: PolymorphicSelf mutating viruses.Their modified version or encrypted version.Difficult to identify
![Page 12: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/12.jpg)
These viruses are not limited to computers or laptop only. Virus can attack any hand held device as well.
The more we know about viruses the more we can protect our devices from it.
![Page 13: Computer viruses](https://reader033.fdocuments.net/reader033/viewer/2022052906/558a2cfed8b42aca328b4664/html5/thumbnails/13.jpg)
http://en.wikipedia.org/wiki/Computer_virus
http://www.zdnet.com/blog/bott/the-malware-numbers-game-how-many-viruses-are-out-there/4783
http://www.symantec.com/security_response/definitions/rapidrelease/detail.jsp?relid=2012-09-05
http://www.infinitechusa.net/blog/2012/05/01/number-of-viruses/
http://www.makeuseof.com/tag/history-computer-viruses-worst-today-case-wondering/
http://www.antivirusworld.com/articles/history.php
http://www.ehow.com/info_8706914_three-structural-parts-computer-virus.html
“Computer Viruses as Artificial Life” - Eugene H. Spafford , Department of Computer Sciences
Purdue University