ANTI-VIRUS SYSTEMS Project By Ben Woodard ISC 110 Professor: Dr. Elaine Wenderholm

Upload: rosamond-walters

Post on 23-Dec-2015


What is a computer virus?

• Small software programs designed to spread from one computer to the next in order to:
  ○ Corrupt or delete data
  ○ Hack personal information
  ○ Erase information on a hard drive

• How do they spread?
  ○ Through pop-ups, email attachments and downloads

• All computer viruses are a type of malware. Malware, short for “malicious software”, is programmed to disrupt the proper functioning of a private computer, gather sensitive information and more.

Types of Malware and how they work

Some of the most common types of malware include:
• Trojan horses
• Computer worms
• “Scareware”

“Scareware”:
  ○ Alerts you to a virus on your computer and convinces you to download a program to “clean” the computer

Computer worms:
  ○ Use computer networks and find lapses in program security, which allows them to multiply rapidly

Trojans:
  ○ Appear harmless; when downloaded, they open a “backdoor” through the use of rootkits

What is an Antivirus System?

• Computer software designed to protect a private computer from malware.

There are two main techniques antivirus systems use:

Signature Detection:
  ○ Scans incoming files and cross-references the file's code with that of known viruses

Sandbox Security:
  ○ Scans already running programs and looks for untested/unwanted code
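Signature detection as described on this slide, as an added example that is not part of the original presentation. It compares an exact-hash signature with a byte-pattern signature to show why signature databases need constant updates; the file contents, signature names and database layout are constructed for illustration.

```python
import hashlib

# Constructed sample data: harmless byte strings standing in for files.
KNOWN_BAD = b"HEADER\x00DEMO-MALICIOUS-ROUTINE\x00payload-v1"
VARIANT = b"HEADER\x00DEMO-MALICIOUS-ROUTINE\x00payload-v2"  # modified copy
CLEAN = b"HEADER\x00ordinary program data"

# Hypothetical signature database with two kinds of entries:
# a hash of one exact file, and a byte pattern shared by a whole family.
HASH_SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Demo.Virus.A"}
PATTERN_SIGNATURES = {b"DEMO-MALICIOUS-ROUTINE": "Demo.Virus.family"}


def scan(data):
    """Cross-reference file bytes with known signatures.

    Returns (verdict, signature_name, method).
    """
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:
        # Exact match: only fires for a byte-identical file.
        return ("infected", HASH_SIGNATURES[digest], "hash")
    for pattern, name in PATTERN_SIGNATURES.items():
        if pattern in data:
            # Pattern match: still fires when other bytes have changed.
            return ("infected", name, "pattern")
    # No signature on record: the scanner has nothing to compare against.
    return ("clean", None, None)


def scan_incoming(files):
    """Scan a mapping of file name -> bytes and return name -> scan result."""
    return {name: scan(data) for name, data in files.items()}


if __name__ == "__main__":
    report = scan_incoming(
        {"original.bin": KNOWN_BAD, "variant.bin": VARIANT, "notes.bin": CLEAN}
    )
    for name, result in report.items():
        print(name, result)
```

A file that matches neither kind of signature is reported clean, which is the gap that behavior-based and heuristic scanning are meant to cover.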

Other Key Features of Anti-Virus Systems:

Scheduled and On-Access Scanning:
  ○ Scans downloaded programs on site, as well as daily complete system scans

Firewalls:
  ○ Protect users by not allowing unauthorized access to their computer

Constant Updates:
  ○ Related to heuristics; most systems have constant updates for new software as well as for virus signatures that were not originally in the system

Automatic Clean-up:
  ○ Anti-virus systems will stop the infected program, isolate it (depending on the system) and quarantine or delete the file/program

Heuristic Scanning:
  ○ Detects new “wild type” or modified malware

BitDefender

• Romanian-based company: Softwin
• Original anti-virus system release: November 2001
• Notable technologies:

Active Virus Control:
  ○ Used when a program is infected. Checks every running program for malicious characteristics
  ○ When a threshold of malicious activity is reached in a program, it is deemed harmful and treated as malware

B-Have:
  ○ Created in 2006 to decrease dependency on virus signatures
  ○ Instead, the system looks at the behavior of programs to determine if they are malicious
  ○ Uses a virtual computer system to test new programs
  ○ If clean, the program is allowed to run; if suspected as malware, the system will destroy the file and record its information
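The threshold idea described for Active Virus Control, as an added example that is not part of the original presentation and is not BitDefender's own algorithm. The behavior names, weights, threshold value and process names are all hypothetical, and the event list is constructed.

```python
# Hypothetical weights: how suspicious each observed behavior is.
WEIGHTS = {
    "writes_to_system_dir": 30,
    "modifies_other_executable": 40,
    "adds_autostart_entry": 20,
    "opens_network_listener": 15,
    "reads_user_document": 2,
}
THRESHOLD = 60  # hypothetical score at which a program is treated as malware

# Constructed event stream: (process name, observed behavior), in time order.
SAMPLE_EVENTS = [
    ("editor.exe", "reads_user_document"),
    ("updater.exe", "adds_autostart_entry"),
    ("unknown.exe", "adds_autostart_entry"),
    ("unknown.exe", "writes_to_system_dir"),
    ("editor.exe", "reads_user_document"),
    ("unknown.exe", "modifies_other_executable"),
    ("unknown.exe", "opens_network_listener"),
]


def monitor(events):
    """Accumulate a suspicion score per running program.

    Returns process -> {"score", "verdict", "flagged_at"}, where flagged_at
    is the index of the event that pushed the score over the threshold.
    """
    state = {}
    for index, (process, behavior) in enumerate(events):
        entry = state.setdefault(
            process, {"score": 0, "verdict": "allowed", "flagged_at": None}
        )
        if entry["verdict"] == "malware":
            continue  # program was already stopped; later events are ignored
        entry["score"] += WEIGHTS.get(behavior, 0)
        if entry["score"] >= THRESHOLD:
            entry["verdict"] = "malware"
            entry["flagged_at"] = index
    return state


if __name__ == "__main__":
    for process, entry in monitor(SAMPLE_EVENTS).items():
        print(process, entry)
```

No single behavior in the sample is enough to cross the threshold; a program is flagged only once its accumulated activity reaches it, while programs showing one low-weight behavior stay allowed.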

Norton Anti-Virus

• A product of Symantec
• Mostly uses virus signatures, with constant program and heuristic updates
• Notable technologies:

Insight:
  ○ The “smart scanning” of programs, where information is sent to Norton to update the system about new malware
  ○ Allows “trusted” programs and files to be skipped in scans, thus increasing scan speed
  ○ Performed when the computer is idle so as not to interfere with the user

SONAR:
  ○ Much like B-Have in that it checks program behaviors, not signatures
  ○ Constantly scans running programs, using algorithms to find out attributes of the program, such as whether the program is using shortcuts to gain access to private files
  ○ Main goal is to identify any malware instantaneously, known as “zero day” threat detection

AVAST! Anti-virus

• Developed by AVAST Software a.s.
• Key features:
  ○ Primarily monitors program activities to determine if they are malicious
  ○ Has a “Safe-Zone” firewall which helps the user go undetected on the internet
  ○ Impossible for malware to destroy AVAST!
  ○ Sorts corrupted files from safe files and quarantines them in what is known as a “virus chest”
  ○ Real-time protection as files are downloaded

GMER:
  ○ Designed to locate and destroy rootkit technology
  ○ Rootkits give malware or a hacker constant access to a computer. They are hard to detect because they lie within seemingly safe programs; often the user has no idea there is a rootkit until it is too late
