COMPUTER VIRUSES AND ANTIVIRUS TECHNIQUES
Jan 05, 2016
SEQUENCE OF PRESENTATION
* WHAT IS COMPUTER VIRUS ?
* VIRUS (ROGUE SOFTWARE)
* WHO ARE ROGUE PROGRAMMERS ?
* TYPES OF COMPUTER VIRUS
* WHAT ALL CAN THEY DO ?
* HOW DO THEY INFECT ?
* HOW DO YOU NOTICE ?
* WHAT TO DO ?
* LAST WORD
* CONCLUSION
WHAT IS COMPUTER VIRUS ?
“ A COMPUTER PROGRAM ABLE TO INFECT OTHER PROGRAMS BY
MODIFYING THEM TO INCLUDE A POSSIBLY EVOLVED VERSION OF
ITSELF. ”
* BE A SET OF COMPUTER INSTRUCTIONS
* BE DELIBERATELY CREATED
* DO UNDESIRABLE THINGS (DAMAGES)
* PROPAGATE USING HOST PROGRAMS
COMPUTER COMPONENTS
SOFTWARE
* LEGITIMATE SOFTWARE - PRODUCTIVE
* ROGUE SOFTWARE - DESTRUCTIVE
ROGUE SOFTWARE
* BUG-WARE - NOT MEANT FOR DESTRUCTION
* THE TROJAN HORSE - APPEARS TO BE USEFUL
* CHAMELEONS - MISCHIEF
* REPLICATORS - COPY THEMSELVES TO EXHAUST DISK
* WORMS - TRAVEL IN NETWORK
* SOFTWARE BOMBS - EXPLODE ON LAUNCH
* LOGIC BOMBS - EXPLODE ON LOGIC
* TIME BOMBS - EXPLODE ON TIME / DATE
WHO ARE ROGUE PROGRAMMERS ?
* PSYCHO CASES
- FOR FUN
- RELEASE ANGER
- TAKE REVENGE
* PROFIT EARNERS
- VIRUS / ANTIVIRUS MARKET
* INFO ATTACKERS
- DISRUPT ENEMY’S INFORMATION & NETWORK
TYPES OF COMPUTER VIRUS
* BOOT / PARTITION INFECTING VIRUS
* EXECUTABLE FILE INFECTING VIRUS
* MULTI-PART VIRUS
* DIRECTORY INFECTING VIRUS
RESIDENT / NON RESIDENT
WHAT CAN THEY DO ?
• FORMAT DISK
• COPY, RENAME AND DELETE FILES
• COPY THEMSELVES WITH NEW CONFIGURATION INFORMATION
• MODIFY FILE DATES AND EXTENSIONS
• CALL OTHER COMPUTERS TO UPLOAD AND DOWNLOAD FILES
HOW DO THEY INFECT ?
• APPENDING
• INSERTION
• INTERCEPTION
• REDIRECTION
• REPLACEMENT
HOW DO YOU NOTICE ?
• COMPUTER OPERATION BECOMES SLUGGISH
• PROGRAMS TAKE LONGER TO LOAD
• PROGRAMS ACCESS MULTIPLE DISK DRIVES
• UNUSUAL AND FREQUENT ACCESS TO DISK
• DISK SPACE DECREASES RAPIDLY
• BAD DISK SECTORS STEADILY INCREASE
• RAM DECREASES SUDDENLY OR STEADILY
• COMPUTER HALTS WITH OR WITHOUT FUNNY MESSAGES
• PROGRAMS ENCOUNTER ERRORS
• PROGRAMS GENERATE UNDOCUMENTED ERRORS
• FILES REPLACED WITH GARBAGE
• FILES MYSTERIOUSLY DISAPPEAR
• FILE ATTRIBUTES AND DATA CHANGE
• DATA FILES OR DIRECTORIES OF UNKNOWN ORIGIN APPEAR
WHAT TO DO ?
ANTI VIRUS TECHNIQUES
• SAFE COMPUTING METHODS
• ANTIVIRUS SOFTWARE SYSTEMS
- PREVENTION SYSTEM
- DETECTION SYSTEM
• SURGICAL APPROACH
SAFE COMPUTING METHODS
* YOU MUST
- BOOT FROM FLOPPY DISK
- DISCOURAGE PIRATED SOFTWARE
- TAKE BACKUP
* YOU MAY
– USE PRE RUN CHECKUPS
– CHANGE FILE ATTRIBUTES
– REINITIALIZE SYSTEM
– REINSTALL APPLICATIONS
– REFORMAT HARD DISK
– OBSERVE OPERATION TIMINGS
– LOG DISK SPACE
– LOG BAD SECTORS
ANTIVIRUS SOFTWARE SYSTEMS
• PREVENTION SYSTEMS
– TO STOP VIRUS ATTACKS IN REAL TIME
– BLOCK ILLEGAL DISK ACCESS AND PROGRAM LOADING
– PASSWORD PROTECTION
- SLOW SPEED
- UNNECESSARY INTERRUPTS
- CAN BE INFECTED BY VIRUS
- HEAVY ON RAM
• DETECTION SYSTEMS
– LOAD, RUN AND EXIT
– CHECK PROGRAM BEFORE EXECUTION
– COMPLEMENT PREVENTION SYSTEM
– PROGRAM SPECIFIC AND GENERIC
SOME ANTIVIRUS SOFTWARE
• VACCINES
• ANTIDOTES
• FILE COMPARISON UTILITIES
• VIRUS SCANNERS
• DISK MAPPERS
• MEMORY RESIDENT ANTIVIRUS PROGRAMS
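A minimal file comparison utility of the kind named in the list above, added here as an example and not taken from the original presentation. It records a baseline of file sizes and SHA-256 digests, then reports the symptoms the earlier slides list: files that grow, change, disappear, or appear from an unknown origin. The function names and the sample files are constructed for illustration.

```python
import hashlib, os, tempfile

def snapshot(root):
    """Map relative path -> (size, sha256) for every file under root."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            rel = os.path.relpath(path, root)
            snap[rel] = (len(data), hashlib.sha256(data).hexdigest())
    return snap

def compare(baseline, current):
    """Return sorted (path, finding) pairs for every deviation from baseline."""
    findings = []
    for path, (size, digest) in baseline.items():
        if path not in current:
            findings.append((path, "disappeared"))
            continue
        new_size, new_digest = current[path]
        if new_digest == digest:
            continue
        if new_size > size:
            findings.append((path, "grew by %d bytes" % (new_size - size)))
        else:
            findings.append((path, "content changed"))
    for path in current:
        if path not in baseline:
            findings.append((path, "unknown origin"))
    return sorted(findings)

def demo():
    """Constructed sample tree: take a baseline, alter the files, compare."""
    with tempfile.TemporaryDirectory() as root:
        for name, body in (("a.com", b"AAAA"), ("b.exe", b"BBBB"), ("c.dat", b"CCCC")):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        baseline = snapshot(root)
        with open(os.path.join(root, "a.com"), "ab") as fh:
            fh.write(b"XXXXXXXX")          # file grows (bytes appended)
        with open(os.path.join(root, "b.exe"), "wb") as fh:
            fh.write(b"BBBZ")              # same size, different content
        os.remove(os.path.join(root, "c.dat"))
        with open(os.path.join(root, "new.bin"), "wb") as fh:
            fh.write(b"?")                 # file not present in the baseline
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    for path, finding in demo():
        print(path, "-", finding)
```

The baseline is only trustworthy if it is taken on a known-clean system and stored where the monitored machine cannot rewrite it.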
THE IDEAL ANTIVIRUS SAFETY NET CONSISTS OF AN INTELLIGENT, WELL TESTED AND WELL BALANCED COMBINATION OF SAFE COMPUTING METHODS PLUS VIRUS PREVENTION AND VIRUS DETECTION SYSTEMS
SURGICAL APPROACH
• EMPTY THE HOUSE - TAKE OUT ALL HOUSEHOLD ITEMS
• DISINFECT THE EMPTY HOUSE
• CLEAN AND DISINFECT EACH HOUSEHOLD ITEM AND BRING IT BACK ONE BY ONE
• START NORMAL LIFE
THE LAST WORD
“THE ONLY TRULY SECURE SYSTEM IS ONE THAT IS POWERED OFF, CAST IN A BLOCK OF CONCRETE, AND SEALED IN A LEAD-LINED ROOM WITH ARMED GUARDS AND EVEN THEN I HAVE MY DOUBTS.”
E. H. SPAFFORD
ASSOCIATE PROFESSOR
DEPT OF COMPUTER SCIENCES
PURDUE UNIVERSITY
CONCLUSION
“LEARN TO LIVE WITH IT”
• SAFE COMPUTING TECHNIQUES
• MANAGE SOFTWARE PIRACY
• EDUCATE USERS
• KEEP ABREAST OF THE LATEST VIRUS AND ANTIVIRUS
• REVIEW SITUATION