SYSTEM SECURITY & ANTIVIRUS Chapter - 5 1 2015-2016 Dr. BALAMURUGAN MUTHURAMAN
Jan 18, 2018
SYSTEM SECURITY &
ANTIVIRUS
Chapter - 5
12015-2016
Dr. BALAMURUGAN MUTHURAMAN
MEANING OF COMPUTER SECURITY
22015-2016
Today, however, with pervasive remote terminal access,
communications, and networking, physical measures rarely provide
meaningful protection for either the information or the service; only the
hardware is secure. Most computer facilities continue to protect their
physical machine far better than they do their data, even when the value
of the data is several times greater than the value of the hardware.
Despite significant advances in the state of the art of computer
security in recent years, information in computers is more vulnerable
than ever. Each major technological advance in computing raises new
security threats that require new security solutions, and technology
moves faster than the rate at which such solutions can be developed.
32015-2016
VIRUS
A virus is software that spreads from program to program,
or from disk to disk, and uses each infected program or
disk to make copies of itself. Basically computer damage.
42015-2016
The term comes from biology. A computer virus
reproduces by making, possibly modified, copies of itself in the
computer’s memory, storage, or over a network. Similar to the
way a biological virus would work.
The very first virus to be created outside the single
computer or lab was the program called "Elk Cloner.” It was
written by Rich Skrenta in 1982. The virus attached itself to the
Apple DOS 3.3 operating system and spread through floppy
disk. The virus was originally a joke, created by a high school
student and put onto a game. The 50th time someone played the
game, the virus would be released. So instead of playing the
game, the user saw a blank screen that read a poem about the
virus named Elk Cloner. 52015-2016
A VIRUS SPREAD
First a programmer writes the virus most often being
attached to a normal program; unknown to the user, the
virus spreads to other software. Then the virus is passed by
disk or network to other users who use other computers.
The virus then remains hidden as it is passed on.
62015-2016
TYPES OF VIRUSESThe way viruses are usually categorized is by what they do.
The boot virus which infects the boot sector of disk storage
The program virus which infects the executable programs
The multipartite virus which is a combination of the boot and program virus
The stealth virus which is able avoid detection by a variety of means such as
removing itself from the system registry, or hidden as a system file
The parasitic virus which inserts itself into another file or program such that
the original file is still workable
The polymorphic virus which changes its code structure to avoid detection
and removal
The macro virus which exploits the macro language of a program like
Microsoft Word or Excel.72015-2016
TO PROTECT THE SYSTEMRun a more secure operating system like UNIX, another computer
operating system in which you never hear about viruses on these
operating systems because the of the security features
If you are using an unsecured operating system, you can buy virus
protection software like McAfee or Norton AntiVirus
To help avoid viruses, it is very important that your computer is
current with the latest update and antivirus tools, try to stay
informed with recent threats about viruses and that you be careful
when surfing the Internet, downloading files and opening
attachments 82015-2016
WORMSWorms have been around since 1988. A computer worm is very
similar to that of a normal computer virus. Unlike a virus though,
the worm is a program that can copy itself across a network and it
can run on itself.
A worm also has a unique feature in the sense it does not
have to host program in order to run. A worm works by copying
itself into nodes or network terminals which does not require any
intervention from the user itself. Worms began to take off in the
late ‘90s and early 2000’s. These modern worms ran themselves
through the internet and many file sharing programs such as
KaZaa, a music file-sharing program. 92015-2016
TYPES OF WORMSThe “Email Worm”
– The email worm spreads itself through email
– The worm can hide itself in messages as a link or an attachment that
will redirect the user to an infected website.
– Many users become losses to this particular worm due to their
weakness and willingness to read and open messages that they think
could be interesting.
The Instant Messaging Worm
– This worm masks itself in the form of an “IM” with the contents of a
link that will redirect the user to an infected website and then try to
gain full access of the machine.102015-2016
PROTECT YOURSELVESEven though it seems impossible to not catch a worm, it is
not. One of the best things a computer owner can do is install and
run anti-virus software, especially the kind that updates
automatically. Anti-virus software will notify the user when a
virus or worm is found and prevent it from running and/or
copying itself.
Other precautions to protect in worm Choosing secure passwords and changing them regularly
Not opening unfamiliar emails or attachments and most importantly
not running or copying software from an unsecured website.112015-2016
VIRUSES VS WORMS1. Spreads from program to
program, or from disk to disk
2. Uses each infected program or disk to make copies of itself
3. Computer damage
4. Destroys data or erases disks
5. Operating system specific
1. Uses computer hosts to reproduce themselves
2. Travel independently over computer networks
3. Software sabotage
4. Resides in memory rather on disk
5. Puts computers at a standstill
122015-2016
ANTIVIRUS SOFTWARE
Computer programs intended to identify and eliminate computer viruses.
132015-2016
The most widely used software is the Norton Antivirus. (NAV)
Since its release in 1990, over 100 million people around the world have used it.
It is a free program but in order to receive live updates, a valid subscription is needed.
142015-2016
McAfee Virus Scan is another popular antivirus program.
It’s designed for home and home-office use.
It’s used specifically on a Microsoft Windows platform.
The latest edition includes a number of features including on access
file sharing, inbound and outbound firewall protection, and daily
definition updates.
152015-2016
For the average home user and advanced users the Kaspersky
antivirus software has an easy to use interface.
The program uses 3 tabs for protection, settings and support.
It updates itself on an hourly basis and is one of the fastest antivirus
programs available.
162015-2016
ANTIVIRUS SOFTWARE: HOW IT WORKS
“Antivirus software is the equivalent to penicillin of the computer world.”
Like penicillin, antivirus applications act as a protector
over your system, scanning incoming files and applications,
“quarantining” or cleaning up unwanted viruses looking to cause
harm to your system.
Antivirus software is considered to be an aid that detects,
fixes and even prevents viruses and worms from spreading to
your computer as well as connecting computers.
172015-2016
DRAWBACKS OF ANTIVIRUS SOFTWARE
Some antivirus software can considerably reduce performance.
There should not be more than one antivirus software installed
on a single computer at any given time.
It is sometimes necessary to temporarily disable virus protection
when installing major updates.
Some argue that antivirus software often delivers more pain than
value to end users.182015-2016
TWO MAIN TYPES OF ANTIVIRUS
There are different types of antivirus software for
different computers . Some are designed for personal
computers. Some are for servers and others for
enterprises.
There are mainly two types of antivirus software are
Specific Scanning andGeneric Scanning
192015-2016
SPECIFIC SCANNING
Specific scanning also called signature detection
The application scans files to look for known viruses
matching definitions in a “virus dictionary” then it takes
necessary action
The specific scanning is not always reliable because virus
authors are creating new ways of masking their viruses so
the antivirus software does not match the virus signature to
the virus dictionary. 202015-2016
GENERIC SCANNINGGeneric scanning is also referred to as the suspicious
behavior approach. Generic Scanning is used when new
viruses appear.
In this method the software does not look for a specific
signature but instead monitors the behavior of all
applications. If anything questionable is found by the
software the application is quarantined and a warning is
broadcasted to the user about what the program may be
trying to do. 212015-2016
Computer viruses and worms can so easily be placed into
your work station and you must be careful when going on
the internet, opening emails from unknown users, make sure
you have some kind of anti-virus software and always get
updates then only you are not helping to spread viruses and
worms to other people as well as harming yourself and your
pocket.
222015-2016