1 / 14

Higher Computing

Higher Computing. Topic 8: Supporting Software. Updated 16-6-11. Computer Systems: Topic 8 – Supporting Software. Application Software Compatibility When buying software applications it is important to ensure that they will not conflict with your operating system or your hardware.

davin
Télécharger la présentation

Higher Computing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Higher Computing Topic 8: Supporting Software Updated 16-6-11

  2. Computer Systems: Topic 8 – Supporting Software Application Software Compatibility When buying software applications it is important to ensure that they will not conflict with your operating system or your hardware. 1. Memory Requirements – How much RAM will I need? 2. Storage Requirements – Some application generate large file sizes, e.g. video editing software. 3. Operating System – Applications may not function with some versions of operating systems e.g. software designed for Windows 7 may not work with Vista or XP.

  3. Computer Systems: Topic 8 – Supporting Software Viruses A virus is a program code that causes some undesirable and unexpected event to happen in a computer. Viruses are usually disguised as something innocent and are designed so that they automatically spread within or between computer systems. Viruses can enter a system as attachments to an e-mail, a download from the web, from a disk or CD. Some viruses take effect as soon as their code is executed and others can wait until circumstances cause their code to be executed by the computer. Viruses can be quite harmful and erase data or close down a system.

  4. Computer Systems: Topic 8 – Supporting Software Virus Types - Classified by 3 main types: File Virus File viruses attach themselves to program files such as .exe or .com files. When the program is loaded, the virus is also loaded. A file virus can also take the form of a complete program, or script, attached to something else, e.g. e-mail. Boot Sector Virus These viruses infect startup files/boot files of the OS eg they attach to the boot sector on disks or the master boot record on hard disks. They initially infiltrate the boot sector, the virus is read while the system is running and then activated the next time the operating system is loaded.

  5. Computer Systems: Topic 8 – Supporting Software Macro Virus Macro viruses infect a document and run when the document is opened (sometimes it warns you a document contains a macro so you can choose not to run the macro). They often copy themselves to the macro library from where they can copy to other documents that access the macro library. Macro viruses are fairly common viruses, but they tend to do the least damage eg they typically cause a sequence of actions within the application e.g. inserting unwanted words or phrases in a document.

  6. Computer Systems: Topic 8 – Supporting Software Virus Actions Replication - A computer virus has the unique ability to replicate. Like a biological virus they can spread quickly and can be difficult to control. They can attach themselves to almost any type of file and spread as files are copied and sent between computer users. A virus can take a long time to replicate itself before activation. This gives it time to be spread over many computers before being discovered. Camouflage - The virus attempts to hide itself from detection software by presenting itself as a useful file or by encrypting its signature to avoid detection. It is possible for a virus to avoid detection by taking on the characteristics that detection software is programmed to look for and ignore.

  7. Computer Systems: Topic 8 – Supporting Software Watching A virus can lie in wait and ambush a computer when something routine is carried out e.g. opening a particular application. The damage routines will activate when certain conditions are met. On a certain date, or when the infected user performs a particular action may trigger the virus. Delivery Infected disks brought in from the outside used to be the main source of viruses until e-mail provided the ideal delivery vehicle.

  8. Computer Systems: Topic 8 – Supporting Software Other Infections Worm - A worm is a self-replicating virus that does not alter any files but takes up residence in the computer’s active memory and duplicates itself. They only become noticeable once their replication consumes the memory to the extent that the system slows down or is unable to carry out particular tasks.

  9. Computer Systems: Topic 8 – Supporting Software Other Infections Trojan Horse - A Trojan horse is a program where harmful code is contained inside another code which can appear to be harmless. Once the apparently harmless code is in the computer, it releases the malicious code to do its damage. Trojan’s are not classified as viruses as they do not self-replicate and don’t infect other files. Example of a Trojan horse is a fake log-in screen designed to steal your log-in data.

  10. Computer Systems: Topic 8 – Supporting Software Anti virus techniques The best protection against a virus is to know that each file you open from an e-mail, disk or from the web is free from any virus. This requires anti-virus software that can screen e-mail attachments, web downloads, and checks all of your files from time-to-time removing any viruses that are found.

  11. Computer Systems: Topic 8 – Supporting Software Checksum A checksum is a mathematical value that is attached to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed. A checksum is created by performing a complicated series of mathematical operations that translates the data in the file into a fixed string of digits which is then used as a checksum. When these files are called to execute the checksum is calculated and compared with what it should be. If there are any differences, then the file about to be run could have be infected and a warning given. You can recalculate the checksum when boot or executable file are legitimately altered by the user.

  12. Computer Systems: Topic 8 – Supporting Software Virus Signatures A virus signature is a unique pattern of bits within a virus. It can be used to detect and identify specific viruses. Once known, the anti-virus software uses the virus signature to scan for the presence of malicious code and removes it.

  13. Computer Systems: Topic 8 – Supporting Software Heuristic Detection Heuristics means 'rule based'. Normally, for an Anti-Virus to detect a virus it must have been seen before. Heuristics are used as there are some families of viruses that continually change their appearance and it is not possible to detect every variant. (ie look for known malicious code, or slight variations of such code). Heuristics allow us to set up some rules so if it smells like a virus, and it acts like a virus we can detect it, even if we have never seen the virus before. Heuristic techniques work on the probabilities of a file being infected i.e. it will give a percentage likelihood of a file being infected by weighing up the file behaviour. Eg, if a file attempts to access your address book then that might be suspicious, or writes to the disk other than in normal OS procedures, or registry changes.

  14. Computer Systems: Topic 8 – Supporting Software Memory Resident Monitoring Some anti-virus software is memory resident and is loaded on start up. It monitors the system for viruses whilst the computer is switched on and checks programs for infection every time they run. This will include the boot files on start up, checking any disk as it is accessed, checking any files accessed during operation and checking any files being loaded on the hard drive. The price to be paid with memory resident programs is that they can cause delays in program loading and execution whilst the checks are being carried out.

More Related