1 / 24

Virus Antivirus

Virus Antivirus. Contents. Virus Introduction Types of Viruses Viruses Antivirus Introduction Types of Antivirus Technical Implementation Hardware and Software Features Future Implementation. Virus. Introduction. Computer Virus – Type of Malware, replicates itself

kaiya
Télécharger la présentation

Virus Antivirus

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Virus Antivirus

  2. Contents • Virus Introduction • Types of Viruses • Viruses • Antivirus Introduction • Types of Antivirus • Technical Implementation • Hardware and Software • Features • Future Implementation

  3. Virus

  4. Introduction • Computer Virus – Type of Malware, replicates itself • Infects a variety of different subsystems on their hosts • Stealing hard disk space or CPU time • Accessing private information • Corrupting data • Logging users keystrokes

  5. Types of Viruses

  6. Types of Viruses (1/2) • Boot viruses • These viruses replace the boot record and move it to a different part of the hard disk, or simply overwrite it. • Program viruses • Infects only executable files (with extensions like .BIN, .COM, .EXE, .OVL, .DRV, and .SYS). • Once executed, these programs load into memory, along with the virus contained within them. • Stealth viruses • Redirects the hard disk head, forcing it to read another memory sector instead of their own.

  7. Types of Viruses (2/2) • Polymorphic viruses • Always change their source code from one infection to another.  • Each infection is different, and this makes detection very hard. • Macro viruses • Virus that is written in a macro language, and embedded into documents (MS Word, Excel) so that when users open the file, the virus code is executed, and can infect the user's computer. 

  8. Viruses

  9. Viruses (1/2) • Killing New Process • When executed does not allow any new process to start • Does not effect any existing process already running • Application Virus • Aimed to corrupt or kill Windows inbuilt applications like MS Paint, Notepad, Internet Explorer • Also creates many threads so that the CPU become busy and PC starts hanging up

  10. Viruses (2/2) • File Replicating Virus • Consumes the Hard Disk space by replicating the files • Does not effect any existing process already running • Removable Drive Virus • Detects removable drive and copies infected file into removable drive

  11. Antivirus

  12. Antivirus Introduction • Computer software used to prevent, detect and remove malicious computer viruses. • Usually runs at the highly trusted kernel level of the operating system to allow it access to all potential malicious process and files, creating a potential avenue of attack. • Perform one or more of the following actions; • Quarantining • repairing, or deleting. • Quarantining a file will make it inaccessible, and is usually the first action antivirus software will take if a malicious file is found. 

  13. Antivirus Types

  14. Types of Antivirus (1/2) • Signature based detection • To identify viruses and other malware, antivirus software compares the contents of a file to a dictionary of virus signatures.  • Requires frequent updates of the virus signature dictionary.  • Heuristic-based detection • Malicious activity detection, can be used to identify unknown viruses. • Two methods are used; file analysis and file emulation. • File Analysis: analyze the instructions of a program. Based on the instructions, the software can determine whether or not the program is malicious.  • For example, if the file contains instructions to delete important system files, the file might be flagged as a virus. 

  15. Types of Antivirus (2/2) • File Emulation: the target file is run in a virtual system environment, separate from the real system environment. The antivirus software would then log what actions the file takes in the virtual environment. If the actions are found to be damaging, the file will be marked a virus.  • Our Antivirus will be based on Signature based detection mechanism.

  16. Technical Implementation

  17. Technical Implementation • Viruses and Antivirus will be developed on .NET platform using C# as a coding language. • .NET is Microsoft platform for developing advanced and Robust applications • .NET supports a wide range of library classes which eases the development efforts and hence more time can be utilized in other activities • .NET is called Language Independent Platform as it support 4 native languages and 21 non-native languages. • Native Languages are a Microsoft created languages i.e. C#. VB.Net, J#, VC++

  18. Hardware and Software

  19. Hardware and Software Virus-Antivirus Software Hardware • Windows XP/ Windows Vista/ Windows 7 • Microsoft .NET Framework 3.5 • Microsoft Visual Studio 2008 • Pentium Core 2 Duo processor or above • 2 GB RAM • 20 GB HDD

  20. Features

  21. Features • Signature based virus detection • Scanning Option – (Full Scan, Drive Scan) • Adding of new virus signatures

  22. Future Enhancement

  23. Future Enhancement • The future enhancement to this Antivirus will be addition of heuristic technique • Determination of malicious activity on basis of User behavior

  24. Thank You

More Related