Study of Computer Virus Worms
Sampath Yerramalla
04/17/02

Survey
Virus Appearance
  – National Press
  – Faster than in papers
    • Melissa
    • The Love Letter
    • Anna Kournikova
Vulnerabilities
  – Computer hardware based on single trusted user
  – Software loopholes
Research: Any machine with almost any OS can support a virus

Difference
Virus
  – A computer program that replicates by attaching itself to some other object
  – Usually small size programs (3-30k)
  – Designed to evade detection
Worm
  – First reported by John Shoch and Jon Hupp of XEROX PARC
  – Sends itself to other systems
  – Bigger in size than virus
  – More abilities
  – Not easy to write

Virus Spread
Medium
  – Hard disk
  – Floppy disks
  – Tape
  – Optical media
  – Memory
Internet
  – E-mail attachments
  – .exe .bat .vbs
Incentive and trap
  – Money
  – Sex
  – Humor
Research: One in every five hundred e-mail messages contains a virus.

Types
Effect on OS, programming used and size.
  – Boot sector virus
  – Polymorphic virus
  – Time Bomb
  – Shell virus
  – Add-on virus
  – Trojan horse
  – Internet worms

Polymorphic virus
Mutates
Hard to detect
All parts of the multipartite virus need to be cleaned
Different kinds of damages
  • Amusing screen displays
  • Unusual sound displays
  • System reboots
  • Reformatting the hard disk

Shell Virus
[Diagram: Uninfected Program / Infected Program]

Add-on Virus
[Diagram: Uninfected Program / Infected Program]

Trojan Horse
A program that hides its true intention
E-mail attachments
Tricks the user into installing malicious software
  – Droppers
  – Backdoors
Hackers
  – Subseven
  – Back Orifice
  – Netbus

Internet Worms
Use complex e-mail functions and network software
Steal addresses from your address book
New hosts through unprotected system drives
W32/ska, W32/Navidad@M, VBS/Netlog, W32/Explorezip, W32/Qaz, W32/SaddamHussain, ……

Virus Hackers
Hackers attack Microsoft

Virus programmers
Common languages to create virus
  – Assembler
  – C
  – Visual Basic
  – Java
Unfortunately, viruses are created by people for all the usual reasons
  – Dirty tricks
  – Make a living
Fortunately, not all virus programmers are in the “boy or girl genius league”.

Viral Signatures
Repeated infection – early detection
Unique virus signatures
Mixed blessing
  – Fake viral signatures to protect against virus

Why should I care?
Reproduce
  – Stealing addresses from your Address Book
  – Write files to a Local directory / Network computer
  – Appears to be done by you
Un-authorized Access
  – Passwords
  – Credit card numbers
  – Destroy the computer
  – Computer un-usable
Allow other people (anywhere on internet) to get control of your computer

Have I Been a Victim?
Reproduction stage
Alert box
Too late
Virus hoaxes are more common than the virus itself

Getting Rid of Virus
Virus code is tagged at the end of a program
Placed in the empty slots of a program
Both types can be cleaned
Unfortunately, the virus world doesn’t end here
Some viruses replace the program code with their own code
Can’t be cleaned, hence deleted

Getting Rid of Virus…
Some can be removed
Others may require part or all of the OS to be removed or re-installed
Retrieval of files
Damage cannot be undone

Prevention better than any cure
Technical measures
  – Anti-virus software
  – Update
Check mail-servers
Reject all e-mails of dangerous or unknown extensions
Suspect even safe extensions
Disabling functions
Removing Windows Script Hosting

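The mail-server measures above (reject dangerous or unknown extensions, suspect even safe ones) sketched as an added example that is not part of the original presentation. The allow-list, the magic-byte check and the function names `classify` and `scan` are assumptions made for illustration; only .exe, .bat and .vbs come from the slides.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

DANGEROUS = {".exe", ".bat", ".vbs"}            # extensions named on the slides
# Assumed allow-list: extension -> bytes the content must start with
MAGIC = {".jpg": b"\xff\xd8\xff", ".pdf": b"%PDF", ".txt": b""}

def classify(filename, payload):
    """Return 'reject', 'suspect' or 'accept' for one attachment."""
    name = (filename or "").lower().rstrip(". ")  # Windows drops trailing dots/spaces
    exts = ["." + p for p in name.split(".")[1:]]
    if not exts or exts[-1] in DANGEROUS or exts[-1] not in MAGIC:
        return "reject"                            # dangerous or unknown extension
    if any(e in DANGEROUS for e in exts[:-1]):
        return "suspect"                           # e.g. setup.exe.txt
    if not payload.startswith(MAGIC[exts[-1]]) or payload[:2] == b"MZ":
        return "suspect"                           # content does not match the name
    return "accept"

def scan(raw):
    """Classify every attachment of a raw e-mail message (bytes)."""
    msg = message_from_bytes(raw, policy=policy.default)
    return {part.get_filename(): classify(part.get_filename(),
                                          part.get_payload(decode=True))
            for part in msg.iter_attachments()}

def sample_message():
    """Constructed test message; all names and bytes are made up."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    for name, data in [
        ("picture.jpg.vbs", b"MsgBox 1"),                    # script behind a double extension
        ("holiday.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 8),  # real JPEG header
        ("invoice.jpg", b"MZ\x90\x00"),                      # executable header, image name
        ("notes.dat", b"abc"),                               # unknown extension
    ]:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for fname, verdict in scan(sample_message()).items():
        print(f"{verdict:8} {fname}")
```
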
Do’s and Don’ts
Always update your anti-virus software at least weekly
Back up your important files and ensure that they can be restored
Change the computer's boot sequence to always start the PC from its hard drive
Don't share Drive C: without a password and without read-only restrictions
Empty floppy drives of diskettes before turning on computers, especially laptops
Forget opening unexpected e-mail attachments, even if they're from friends
Get trained on your computer's anti-virus software and use it

Do’s and Don’ts….
Have multiple backups of important files
Install security updates for your operating system and programs as soon as possible
Jump at the chance to learn more about your computer. This will help you spot viruses
Knowledge is contagious, infect the truth

References
I’ll include them in the term paper!
Sampath Yerramalla