
COMPUTER VIRUSES AND ANTIVIRUS TECHNIQUES

SEQUENCE OF PRESENTATION
COMPUTER VIRUS

* WHAT IS COMPUTER VIRUS ?
* VIRUS (ROGUE SOFTWARE)
* WHO ARE ROGUE PROGRAMMERS ?
* TYPES OF COMPUTER VIRUS
* WHAT ALL CAN THEY DO ?
* HOW DO THEY INFECT ?
* HOW NOTICE ?
* WHAT TO DO ?
* LAST WORD
* CONCLUSION

WHAT IS COMPUTER VIRUS ?

A COMPUTER PROGRAM ABLE TO INFECT OTHER PROGRAMS BY MODIFYING THEM TO INCLUDE A POSSIBLY EVOLVED VERSION OF ITSELF.

* BE A SET OF COMPUTER INSTRUCTIONS
* BE DELIBERATELY CREATED
* DO UNDESIRABLE THINGS (DAMAGES)
* PROPAGATE USING HOST PROGRAMS

COMPUTER COMPONENTS

SOFTWARE
* ROGUE SOFTWARE - DESTRUCTIVE
* LEGITIMATE SOFTWARE - PRODUCTIVE

ROGUE SOFTWARE

* BUG-WARE
- NOT MEANT FOR DESTRUCTION
* THE TROJAN HORSE
- APPEARS TO BE USEFUL
* WORMS
- TRAVEL IN NETWORK
* REPLICATORS
- COPY ITSELF TO EXHAUST DISK
* CHAMELEONS
- MISCHIEF
* TIME BOMBS
- EXPLODE ON TIME / DATE
* LOGIC BOMBS
- EXPLODE ON LOGIC
* SOFTWARE BOMBS
- EXPLODE ON LAUNCH

WHO ARE ROGUE PROGRAMMERS ?

* PSYCHO CASES
- FOR FUN
- RELEASE ANGER
- TAKE REVENGE
* PROFIT EARNERS
- VIRUS / ANTIVIRUS MARKET
* INFO ATTACKERS
- DISRUPT ENEMY'S INFORMATION & NETWORK

TYPES OF COMPUTER VIRUS

* BOOT / PARTITION INFECTING VIRUS
* EXECUTABLE FILE INFECTING VIRUS
* MULTI-PART VIRUS
* DIRECTORY INFECTING VIRUS

RESIDENT
NON RESIDENT

WHAT CAN THEY DO ?

* FORMAT DISK
* COPY, RENAME AND DELETE FILES
* COPY THEMSELVES WITH NEW CONFIGURATION INFORMATION
* MODIFY FILE DATES AND EXTENSIONS
* CALL OTHER COMPUTERS TO UPLOAD AND DOWNLOAD FILES

HOW DO THEY DO ?

* APPENDING
* INSERTION
* INTERCEPTION
* REDIRECTION
* REPLACEMENT

HOW DO YOU NOTICE ?

* COMPUTER OPERATION BECOMES SLUGGISH
* PROGRAMS TAKE LONGER TO LOAD
* PROGRAMS ACCESS MULTIPLE DISK DRIVES
* UNUSUAL AND FREQUENT ACCESS TO DISK
* DISK SPACE DECREASES RAPIDLY
* BAD DISK SECTORS STEADILY INCREASE
* RAM DECREASES SUDDENLY OR STEADILY
* COMPUTER HALTS WITH OR WITHOUT FUNNY MESSAGES
* PROGRAMS ENCOUNTER ERRORS
* PROGRAMS GENERATE UNDOCUMENTED ERRORS
* FILES REPLACED WITH GARBAGE
* FILES MYSTERIOUSLY DISAPPEAR
* FILE ATTRIBUTES AND DATA CHANGE
* DATA FILES OR DIRECTORIES OF UNKNOWN ORIGIN APPEAR

WHAT TO DO ?

ANTI VIRUS TECHNIQUES

COMPUTER
ANTI VIRUS

* SAFE COMPUTING METHODS
* ANTIVIRUS SOFTWARE SYSTEMS
- PREVENTION SYSTEM
- DETECTION SYSTEM
* SURGICAL APPROACH

SAFE COMPUTING METHODS

* YOU MUST
- BOOT FROM FLOPPY DISK
- DISCOURAGE PIRATED SOFTWARE
- TAKE BACKUP
* YOU MAY
- USE PRE RUN CHECKUPS
- CHANGE FILE ATTRIBUTES
- REINITIALIZE SYSTEM
- REINSTALL APPLICATIONS
- REFORMAT HARD DISK
- OBSERVE OPERATION TIMINGS
- LOG DISK SPACE
- LOG BAD SECTORS

ANTIVIRUS SOFTWARE SYSTEMS

PREVENTION SYSTEMS
* TO STOP VIRUS ATTACKS IN REAL TIME
* BLOCK ILLEGAL DISK ACCESS AND PROGRAM LOADING
* PASSWORD PROTECTION

- SLOW SPEED
- UNNECESSARY INTERRUPTS
- CAN BE INFECTED BY VIRUS
- HEAVY ON RAM

DETECTION SYSTEMS
* LOAD, RUN AND EXIT
* CHECK PROGRAM BEFORE EXECUTION
* COMPLEMENT PREVENTION SYSTEM
* PROGRAM SPECIFIC AND GENERIC

SOME ANTIVIRUS SOFTWARE

* VACCINES
* ANTIDOTES
* FILE COMPARISON UTILITIES
* VIRUS SCANNERS
* DISK MAPPERS
* MEMORY RESIDENT ANTIVIRUS PROGRAMS

THE IDEAL ANTIVIRUS SAFETY NET CONSISTS OF AN INTELLIGENT, WELL TESTED AND WELL BALANCED COMBINATION OF SAFE COMPUTING METHODS PLUS VIRUS PREVENTION AND VIRUS DETECTION SYSTEMS

SURGICAL APPROACH

* EMPTY THE HOUSE - TAKE OUT ALL HOUSEHOLD ITEMS
* DISINFECT THE EMPTY HOUSE
* CLEAN AND DISINFECT EACH HOUSEHOLD ITEM AND BRING IT BACK ONE BY ONE
* START NORMAL LIFE

THE LAST WORD

THE ONLY TRULY SECURE SYSTEM IS ONE THAT IS POWERED OFF, CAST IN A BLOCK OF CONCRETE, AND SEALED IN A LEAD-LINED ROOM WITH ARMED GUARDS AND EVEN THEN I HAVE MY DOUBTS.

E. H. SPAFFORD
ASSOCIATE PROFESSOR
DEPTT OF COMPUTER SCIENCES
PURDUE UNIVERSITY

CONCLUSION

* LEARN TO LIVE WITH IT
* SAFE COMPUTING TECHNIQUES
* MANAGE SOFTWARE PIRACY
* EDUCATE USERS
* KEEP ABREAST OF THE LATEST VIRUS AND ANTIVIRUS
* REVIEW SITUATION