Study of Computer Virus Worms
Sampath Yerramalla
04/17/02

Survey
• Virus Appearance
• National Press
• Faster than in papers
• Melissa
• The Love Letter
• Anna Kournikova
• Vulnerabilities
• Computer hardware based on single trusted user
• Software loop-holes
• Research: Any machine with almost any OS can support virus

Difference
• Virus
• A computer program that replicates by attaching itself to some other object
• Usually small size programs (3-30k)
• Designed to evade detection
• Worm
• First reported by John Shoch and Jon Hupp of Xerox PARC
• Sends itself to other systems
• Bigger in size than virus
• More abilities
• Not easy to write

Virus Spread
• Medium
• Hard disk
• Floppy disks
• Tape
• Optical media
• Memory
• Internet
• E-mail attachments
• .exe .bat .vbs
• Incentive and trap
• Money
• Sex
• Humor
• Research: One in every five hundred e-mail messages contains a virus.

Types
• Effect on OS, programming used and size.
• Boot sector virus
• Polymorphic virus
• Time Bomb
• Shell virus
• Add-on virus
• Trojan horse
• Internet worms

Polymorphic virus
• Mutates
• Hard to detect
• All parts of the multipartite virus need to be cleaned
• Different kinds of damage
• Amusing screen displays
• Unusual sound displays
• System reboots
• Reformatting the hard disk

Shell Virus
[Figure: Uninfected Program vs. Infected Program]

Add-on Virus
[Figure: Uninfected Program vs. Infected Program]

Trojan Horse
• A program that hides its true intention
• E-mail attachments
• Trick into installing malicious software
• Droppers
• Backdoors
• Hackers
• SubSeven
• Back Orifice
• NetBus

Internet Worms
• Use complex e-mail functions and network software
• Steal addresses from your address book
• New hosts through un-protected system drives
• W32/Ska
• W32/Navidad@M
• VBS/Netlog
• W32/Explorezip
• W32/Qaz
• W32/SaddamHussain, …
• Virus Hackers

Virus programmers
• Common languages used to create viruses
• Assembler
• C
• Visual Basic
• Java
• Unfortunately, viruses are created by people for all the usual reasons
• Dirty tricks
• Make a living
• Fortunately, not all virus programmers are in the “boy or girl genius league”.

Viral Signatures
• Repeated infection – early detection
• Unique virus signatures
• Mixed blessing
• Fake viral signatures to protect against virus

Why should I care?
• Reproduce
• Stealing addresses from your Address Book
• Write files to a local directory / network computer
• Appears to be done by you
• Un-authorized access
• Passwords
• Credit card numbers
• Destroy the computer
• Computer un-usable
• Allow other people (anywhere on the internet) to get control of your computer

Have I Been a Victim?
• Reproduction stage
• Alert box
• Too late
• Virus hoaxes are more common than viruses themselves

Getting Rid of Virus
• Virus code is tagged at the end of a program
• Placed in the empty slots of a program
• Both types can be cleaned
• Unfortunately, the virus world doesn’t end here
• Some viruses replace the program code with their own code
• Can’t be cleaned, hence deleted

Getting Rid of Virus…
• Some can be removed
• Others may require part or all of the OS to be removed or re-installed
• Retrieval of files
• Damage cannot be undone

Prevention better than any cure
• Technical measures
• Anti-virus software
• Update
• Check mail-servers
• Reject all e-mails of dangerous or unknown extensions
• Suspect even safe extensions
• Disabling functions
• Removing Windows Script Host
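
Added example (not part of the original slides): a mail-server attachment check that rejects dangerous and unknown extensions and also distrusts names that only look safe. The function names, the allow/deny sets beyond .exe, .bat and .vbs, and the sample file names are assumptions constructed for illustration.

```python
"""Attachment-name policy for a mail gateway (added illustration)."""
import os

# .exe/.bat/.vbs come from the slides; the other entries are assumed additions.
DANGEROUS = {".exe", ".bat", ".vbs", ".com", ".scr", ".pif", ".js"}
# Types the site chooses to accept; anything else counts as "unknown" (assumed).
ALLOWED = {".txt", ".pdf", ".jpg", ".png", ".csv"}


def extensions(filename):
    """Return every extension in the name, lowercased, left to right."""
    # Windows ignores trailing dots and spaces, so "a.vbs. " still runs as .vbs.
    name = os.path.basename(filename.replace("\\", "/")).rstrip(". ").lower()
    parts = name.split(".")
    return ["." + p.strip() for p in parts[1:] if p.strip()]


def check_attachment(filename):
    """Return (verdict, reason); verdict is 'accept' or 'reject'."""
    exts = extensions(filename)
    if not exts:
        return "reject", "no extension (unknown type)"
    final = exts[-1]
    if final in DANGEROUS:
        # A safe-looking inner extension is the disguise, e.g. picture.jpg.vbs
        if any(e in ALLOWED for e in exts[:-1]):
            return "reject", f"dangerous {final} hidden behind a safe extension"
        return "reject", f"dangerous extension {final}"
    if final not in ALLOWED:
        return "reject", f"unknown extension {final}"
    # "Suspect even safe extensions": executable type earlier in the name.
    if any(e in DANGEROUS for e in exts[:-1]):
        return "reject", "dangerous extension earlier in the name"
    return "accept", f"allowed extension {final}"


if __name__ == "__main__":
    # Constructed sample attachment names.
    for sample in ["report.pdf", "holiday.jpg.vbs", "setup.exe",
                   "notes.xyz", "README", "invoice.exe.txt", "photo.JPG "]:
        print(f"{sample!r:22} -> {check_attachment(sample)}")
```

A name-based check is only the first gate; it complements, and does not replace, the anti-virus scanning listed on the same slide.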

Do’s and Don’ts
• Always update your anti-virus software at least weekly
• Back up your important files and ensure that they can be restored
• Change the computer's boot sequence to always start the PC from its hard drive
• Don't share Drive C: without a password and without read-only restrictions
• Empty floppy drives of diskettes before turning on computers, especially laptops
• Forget opening unexpected e-mail attachments, even if they're from friends
• Get trained on your computer's anti-virus software and use it

Do’s and Don’ts…
• Have multiple backups of important files
• Install security updates for your operating system and programs as soon as possible
• Jump at the chance to learn more about your computer. This will help you spot viruses
• Knowledge is contagious, infect the truth

References
• I’ll include them in the term paper!
Sampath Yerramalla