23-02-2011, 09:34 AM
[attachment=8983]
1. INTRODUCTION
In the mid-eighties, so legend has it, the Amjad brothers of Pakistan ran a computer store. Frustrated by computer piracy, they wrote the first computer virus, a boot sector virus called Brain. From those simple beginnings, an entire counter-culture industry of virus creation and distribution emerged, leaving us today with several tens of thousands of viruses. In just over a decade, most of us have been familiar with the term computer virus.
A large portion of modern computing life is to secure the information that we are creating and processing. There are many aspects of information security, ranging from physical access to ensuring that the information has not been changed in any way. One of the most high-profile threats to information integrity is the computer virus. Surprisingly, PC viruses have been around for two-thirds of the IBM PC’s lifetime, appearing in 1986. With global computing on the rise, computer viruses have had more visibility in the past two years.
Despite our awareness of computer viruses, how many of us can define what one is, or how it infects computers? This seminar aims to demystify the basics of computer viruses, summarizing what they are, how they attack and what we can do to protect ourselves against them.
2. VIRUSES
2.1 THE BASICS OF COMPUTER VIRUSES
Computer viruses are not inherently destructive. The essential feature of a computer program that causes it to be classified as a virus is not its ability to destroy data, but its ability to gain control of the computer and make a fully functional copy of itself. It can reproduce. When it is executed, it makes one or more copies of itself. Those copies may later be executed, to create still more copies, ad infinitum. Not all computer programs that are destructive are classified as viruses because they do not all reproduce, and not all viruses are destructive because reproduction is not destructive. However, all viruses do reproduce. The computer virus overcomes the roadblock of operator control by hiding itself in other programs. Thus it gains access to the CPU simply because people run programs that it happens to have attached itself to without their knowledge. A computer virus attaches itself to other programs earned it the name “virus.” However that analogy is wrong since the programs it attaches to are not in any sense alive.
Virus: What exactly is a Virus?
A virus is basically an executable file which is designed such that first of all it should be able to infect documents, then it has to have the ability to survive by replicating itself and then it should also be able to avoid detection. Usually to avoid detection, a Virus disguises itself as a legitimate program which the user would not normally suspect to be a Virus. Viruses are designed to corrupt or delete data on the hard disk i.e. on the FAT (File Allocation Table).
2.2 TYPES OF VIRUSES
Computer viruses can be classified into several different types.
1. File or program viruses:
Some programs are viruses in disguise, when executed they load the virus in the memory along with the program and perform the predefined steps and infect the system. They infect program files like files with extensions like .EXE, .COM , .BIN , .DRV and .SYS. Some file viruses just replicate while others destroy the program being used at that time.
2. Boot Sector Viruses (MBR or Master Boot Record)
Boot sector viruses can be created without much difficulty and infect either the Master boot record of the hard disk or the floppy drive.
3. Multipartite Viruses
Multipartite viruses are the hybrid variety; they can be best described as a cross between both Boot Viruses and File viruses. They not only infect files but also infect the boot sector.
4. Stealth Viruses
They viruses are stealth in nature and use various methods to hide themselves and to avoid detection.
5. Polymorphic Viruses
They are the most difficult viruses to detect. They have the ability to mutate this means that they change the viral code known as the signature each time it spreads or infects.
6. Macro viruses
In essence, a macro is an executable program embedded in a word processing document or other type of file. Typically users employ macros to automate repetitive tasks and there by save key strokes
1. INTRODUCTION
In the mid-eighties, so legend has it, the Amjad brothers of Pakistan ran a computer store. Frustrated by computer piracy, they wrote the first computer virus, a boot sector virus called Brain. From those simple beginnings, an entire counter-culture industry of virus creation and distribution emerged, leaving us today with several tens of thousands of viruses. In just over a decade, most of us have been familiar with the term computer virus.
A large portion of modern computing life is to secure the information that we are creating and processing. There are many aspects of information security, ranging from physical access to ensuring that the information has not been changed in any way. One of the most high-profile threats to information integrity is the computer virus. Surprisingly, PC viruses have been around for two-thirds of the IBM PC’s lifetime, appearing in 1986. With global computing on the rise, computer viruses have had more visibility in the past two years.
Despite our awareness of computer viruses, how many of us can define what one is, or how it infects computers? This seminar aims to demystify the basics of computer viruses, summarizing what they are, how they attack and what we can do to protect ourselves against them.
2. VIRUSES
2.1 THE BASICS OF COMPUTER VIRUSES
Computer viruses are not inherently destructive. The essential feature of a computer program that causes it to be classified as a virus is not its ability to destroy data, but its ability to gain control of the computer and make a fully functional copy of itself. It can reproduce. When it is executed, it makes one or more copies of itself. Those copies may later be executed, to create still more copies, ad infinitum. Not all computer programs that are destructive are classified as viruses because they do not all reproduce, and not all viruses are destructive because reproduction is not destructive. However, all viruses do reproduce. The computer virus overcomes the roadblock of operator control by hiding itself in other programs. Thus it gains access to the CPU simply because people run programs that it happens to have attached itself to without their knowledge. A computer virus attaches itself to other programs earned it the name “virus.” However that analogy is wrong since the programs it attaches to are not in any sense alive.
Virus: What exactly is a Virus?
A virus is basically an executable file which is designed such that first of all it should be able to infect documents, then it has to have the ability to survive by replicating itself and then it should also be able to avoid detection. Usually to avoid detection, a Virus disguises itself as a legitimate program which the user would not normally suspect to be a Virus. Viruses are designed to corrupt or delete data on the hard disk i.e. on the FAT (File Allocation Table).
2.2 TYPES OF VIRUSES
Computer viruses can be classified into several different types.
1. File or program viruses:
Some programs are viruses in disguise, when executed they load the virus in the memory along with the program and perform the predefined steps and infect the system. They infect program files like files with extensions like .EXE, .COM , .BIN , .DRV and .SYS. Some file viruses just replicate while others destroy the program being used at that time.
2. Boot Sector Viruses (MBR or Master Boot Record)
Boot sector viruses can be created without much difficulty and infect either the Master boot record of the hard disk or the floppy drive.
3. Multipartite Viruses
Multipartite viruses are the hybrid variety; they can be best described as a cross between both Boot Viruses and File viruses. They not only infect files but also infect the boot sector.
4. Stealth Viruses
They viruses are stealth in nature and use various methods to hide themselves and to avoid detection.
5. Polymorphic Viruses
They are the most difficult viruses to detect. They have the ability to mutate this means that they change the viral code known as the signature each time it spreads or infects.
6. Macro viruses
In essence, a macro is an executable program embedded in a word processing document or other type of file. Typically users employ macros to automate repetitive tasks and there by save key strokes