project by ben woodard isc 110 professor: dr. elaine wenderholm
TRANSCRIPT
ANTI-VIRUS SYSTEMS
Project By Ben Woodard
ISC 110
Professor: Dr. Elaine Wenderholm
What is a computer virus?
.Small software programs designed to spread from one computer to the next to:
.Corrupt/ Delete Data
.Hack personal information
.Erase information on a hard drive
.How do they spread?
.Through pop-ups, email attachments, downloads
.All computer viruses are a type of Malware.Malware, short for, “Malicious Software” is programmed to disrupt the proper functioning of a private computer, gather sensitive
information and more
Types of Malware and how they work
Some of the most common types of Malware include: Trojan Horses Computer Worms “ScareWare”
“ScareWare”:○ Alert you of a virus on your computer, convince you to download a
program to “clean” the computer
Computer Worms:○ Use computer networks, find lapses in program security. Allows
them to multiply rapidly
Trojans:○ Appear harmless, when downloaded open a “backdoor” through
the use of Rookits.
What is an Antivirus System?
.Computer Software designed to protect a private computer from Malware.
There are two main techniques Antivirus Systems use: Signature Detection
○ Scanning incoming files and cross referencing the file codes with those of known viruses
Sandbox Security○ Scans already running programs and looks for
untested/unwanted codes
Other Key Features of Anti-Virus Systems:
Scheduled and On Access Scanning:○ Scan downloaded programs on site as well as daily complete
system scans
Fire Walls:○ Protects users by not allowing unauthorized access to their
compuer
Constant Updates:○ Relates to Heuristics, most systems have constant updates for new
software as well as virus signatures that were not originally in the system
Automatic clean-up:○ Anti-Virus systems will stop the infected program, isolate it
(depending on system) and quarantine or delete the file/program
Heuristic Scanning:○ Detect new “wild type” or modified malware
BitDefender
Romanian Based Company: Softwin. Original Anti-Virus System Release: November, 2001 Notable Technologies:
Active Virus Control:○ Used when a program is infected. Checks every running program for
malicious characteristics○ When a threshold of malicious activity is reached in a program, it will
be deemed as harmful and treated as malware B-Have:
○ Created in 2006, to decrease dependency on virus signatures○ Instead, the system looks at the behavior of programs to determine if
they are malicious○ Uses a virtual computer system to test new programs○ If clean the system is allowed to run, if suspected as malware, the
system will destroy the file and record its information
Norton Anti-Virus
A Product of Symantec Company Mostly uses virus signatures with constant program and
heuristic updates. Notable Technologies:
Insight:○ The “smart scanning” of programs, where information is sent to Norton to
update the system of new malware○ Allows for “trusted” programs and files to be looked over in scans thus
increasing scan speed○ Performed when computer is idle to not interfere with the user
SONAR:○ Much like B-Have in that it checks program behaviors, not signatures○ Constantly scans running programs using algorithms to find out attributes
about the program. Such as, if the program is using shortcuts to gain access to private files
○ Main goal is to identify any malware instantaneously, known as “zero day” threat detection
AVAST! Anti-virus Developed by AVAST Software a.s. Key Features:
Primarily monitors program activities to determine if they are malicious
Has a “Safe-Zone” firewall which helps to go undetected on the internet
Impossible for malware to destroy AVAST! Sorts corrupted files from safe files and quarantines them known as
a “virus chest” Real time protection as files are downloaded GMER
○ Designed to locate and destroy Rookit technology○ Rookits enable constant access to a computer to malware or a hacker.
They are hard to detect due to the fact that they will die within seemingly safe programs, often times the user has no idea there is a Rookit until it is too late
Sources/ Questions? "Bitdefender Antivirus Plus 2013." Bitdefender. N.p., n.d. Web. 5
May 2013. "The All-new Avast! 8 Is Here." AVAST 2013. N.p., n.d. Web. 5 May
2013. Norton AntiVirus." Norton AntiVirus 2013. N.p., n.d. Web. 5 May
2013. "What Are Viruses, Worms, and Trojan Horses? - Knowledge
Base." What Are Viruses, Worms, and Trojan Horses? - Knowledge Base. N.p., n.d. Web. 1 May 2013.
What Is a Rootkit? -- Definition by The Linux Information Project (LINFO)." What Is a Rootkit? -- Definition by The Linux Information Project (LINFO). N.p., n.d. Web. 1 May 2013.