11-18 virus technology

8/7/2019 11-18 Virus Technology

http://slidepdf.com/reader/full/11-18-virus-technology 1/24



INTRODUCTION The basics of computer Virus

Summarizing what they are ?

How they attack ?

What we can do to protect our selves ?



What is Computer Virus ?

A comp. Virus is a coded program that is

written in Assembly or System

programming language to gain entry into

host system and modify existing program

and perform a series of action without user

consent



HISTORY OF COMPUTER VIRUSES

The Pre-Historic Period

The Early Times

The Middle Ages

The Current Picture

The Emerging Scenario



CLASSIFICATION OF VIRUSES

General Classification Of Viruses

Behavioral Classification of Viruses



General Classification Of Virus

Viruses

BootSector

Viruses

Directory

Viruses

Floppy

Disk Boot

Sector

Viruses

Hard Disk

Master

Boot

Record

(MBR)/

Partition

TableViruses

Macro

Virus

Parasitic

Virus

File

Viruses



Behavioral Classification of Virus

Nature Of Attack

Deception Techniques Employed

Frequency of Infection

Next



Nature Of Attack

Viruses

Direct

ActionViruses

Resident

Virus

Back



Deception Techniques Employed

Viruses

Stealth

Virus

Batch FileVirus

Multipartite

Viruses

Polymorphic

Virus

Cavity

Virus

Tunneling

Virus

CamouflageViruses

ArmoredViruses

CompanionViruses

Back



Frequency of Infection

Fast

Infector

Virus

Slow

Infector

Viruses

Sparse

Infector

Viruses

Viruses

Back



Discover

y

Assimilation

Eradicatio

n

Gestation

The propagated

virus is activated

Users become aware of

the virus and isolate it

Vaccine for the virus

is developed

When the use of vaccine become

widespread the virus is eradicated

The same or a

diff. developer

develops a diff.

strain of a new

virus and the

progress begins

afresh

The virus spreads

to other systems

Activation

Propagation

STAGE - 1

STAGE - 2

STAGE - 3

STAGE - 4

STAGE - 5

STAGE - 7

The created virus

is released to the

outside world

STAGE - 6

Creation

LIFE CYCLE OF A VIRUS



QUALITIES OF A VIRUS

A virus must incorporate a replicating routine.

A virus should be able to install itself in the RAM.

A virus has a trademark trigger routine.

Some viruses have an encryption routine.

Most viruses are designed to exhibit some sort of stealth characteristics to avoid detection.



HOW DOES VIRUS WORKS

Enter by email,downloads,floppy disk or hacking

Then make copies of itself to spread.

They will wait for the signal for being activated.



SYMPTOMS OF A VIRUS

INFECTION Graphics and unusual text will appear.

Music will play for no reason.

Program and data file suddenly corrupted.

Disk volume is changed.

Files and directories have been changed suddenly.

Your computer goes slowdown.

System memory have been changed.

Hardware devices begin to exhibit unusual behavour.

Interrupt vector have been changed.



HOW VIRUSES SPREAD

SO QUICKLY ? The larger amount of spreading the virus is user base, the

more widespread and quicker the infection.

The level of piracy is also influence to spread.

The complexity & characteristics of the virus code helps a

virus to spread effectively.

Internet is also cause to spread the virus quickly.



POSITIVE VIRUS

A virus is µbad¶ or µgood¶ depends on the virus develope

Virus is made of two parts.

Propagation mechanism.

Payload. Propagation mechanism Spreads comp. To comp.

It is a technical challenge that lets fun of designing it.

Propagated virus automatically spreading until halted.

Entire meaning is easy to get and hard to recover.

Ex. If a virus which acts as anti-virus that detect the

negative virus and remove from the system.



³I LOVE YOU´ VIRUS

A love letter which is win32 based on e-mail

attachments.

HOW DO I GET IT ?

Attachment named : LOVE-LETTER-FOR YOU.TXT The warning is protect.vbs.

When it opened virus infects to the system.

Unless you are sure that the doc. Is free from virus.

If you are unsure than ask to the sender to confirm.

Difficult to open .mp2 , .mp3 , .midi , .wav Etc.

Difficult to open .jpg , .bmp , .gif etc



What is Anti-Virus

Anti-Virus is a specialized utility

program which is used to detect , eradicate

and prevent viruses.



DIFFERENT ANTI-VIRUS TECHNOLOGY

Hook Driver

It provides databases in notes.

Extension Manager

It allows a program to be run

natively.



HOW EFFECTIVE IS AN ANTI-

VIRUS S\W IS ?Methodology of detecting, and incorporate anti-virus.

They have their own database to compare string of virus

string to detect.

An intelligent virus may breakdown your anti-virus s\w.

Timely and regularly upgrade the anti-virus s\w

If more than one user use one computer ,always check

all local drives after download any data.

NEXT



COULD ANTI-VIRUS

PROGRAM ITSELF BE INFECTED?

Clever virus may infect the anti-virus s\w.

Parallel you might be use the another corporate anti-virus.

If one fails than the other might be detect.

The developer make an anti-virus s\w after confirmation.

NEXT



QUALITIES OF AN ANTI-VIRUS

S\W. Directly it remove to your system memory.

Example of virus which is same as cancer cells.

Two ways of virus detection. Signature based like polymorphic virus.

Rule based like genetic in nature.

Cat and mouse game bet¶n developer and writers.

NEXT



LIMITATIONS OF ANTI-VIRUS

PROGRAMS Limited database virus strings.

old version can¶t detect.

Directly not work on on-line services.

Restricted coverage area for an anti-virus s\w

NEXT



CONCLUSION

While using diff. External Data storage devices like cd¶s,

floppy disk

scan all the system with the help of upgrade anti-virus

soft-ware.

The hazard ness cause by the virus to our system for which we have to take care.

³PREVENTION IS ALLWAYES BETTER THAN

CURE´.

11-18 virus technology

Documents