1 / 31

Computer Viruses

Computer Viruses. Author: Alyse Allen. Computer Virus. Very common Millions of different ones exist A computer program that can replicate itself and spread from one computer to another causing harm. Three Different Types. Macro Viruses Stealth Viruses Polymorphic Viruses.

trilby
Télécharger la présentation

Computer Viruses

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Viruses Author: Alyse Allen

  2. Computer Virus • Very common • Millions of different ones exist • A computer program that can replicate itself and spread from one computer to another causing harm

  3. Three Different Types • Macro Viruses • Stealth Viruses • Polymorphic Viruses

  4. Macro Viruses

  5. Macro • Symbol, name, key, etc. that represents a list of commands, actions, or keystrokes • Can be very useful

  6. Example • If you type a lot of letters • Set up a macro that defines all the keystrokes necessary to begin your letter • Name, address, etc. • Press the assigned key/keys and your letterhead appears • Like batch files

  7. Macro Virus • Computer virus • Usually infects a Microsoft Word document or spreadsheet • Causes a sequence of actions to be performed automatically when the application is started or something else triggers it. • Most of the time it is relatively harmless

  8. Macro Virus • Written in a language that is built into the software application • Replaces normal macro commands with the virus

  9. How? • Virus replaces the regular commands with the same name and runs when the command is selected. • If the infected macro is auto-executable, the macro is opened and the virus executed without the user’s knowledge

  10. How is Macro Viruses spread? • Often through emails • Discs • Networks • Modems • Internet **HARD TO DETECT**

  11. Macro Virus • More easily spread • Depends on the application, not the operating system • Can infect computers running all different operating systems • Some of these viruses can be detected through antivirus software but not all.

  12. Melissa Virus • Found March 26, 1999 • Not originally designed for harm • Overloaded servers and mail systems were shut down • Written by David L. Smith • He named the virus after a stripper he met • Virus was embedded into a word document entitled list.doc • Sent out as an email

  13. What did Melissa do? • Once opened, the macro virus would run and attempt to mass mail itself • Collected the first 50 address book entries and forwarded the email to them with the list.doc attached • Subject line of the email read:“Important message from [name]” • Body read:“Here is that document you asked for…don’t show anyone else ;-)”

  14. Stealth Viruses

  15. Stealth Virus • Virus that hides from antivirus software by: a. masking the size of the file that it hides in b. temporarily removing itself from the infected file and placing a copy of itself in another location on the drive, and replacing the infected file with an uninfected one that it has stored on the hard drive.

  16. How a stealth virus works • Fools the antivirus software by catching its requests to the operating system to open a file. • The virus can then provide (open) a clean version of the file to the antivirus software • The antivirus software is tricked and the virus won!

  17. Frodo Virus • Infected file is executed • Virus becomes a memory resident • Infects any file accessed by the user with the .com or .exe extension • On Sept. 22, it attempts to place a Trojan on boot sectors • Trojan displays the message “FRODO LIVES” • Frodo is a Lord of the Rings character whose birthday is September 22nd.

  18. Polymorphic Viruses

  19. Polymorphic Virus • One of the more complex computer viruses • Virus that changes its virus signature (binary pattern) every time it replicates and infects a new file in order to keep from being detected by an antivirus software

  20. Effective Polymorphic Virus • A coder chooses from a number of different encryption schemes that require different methods of decryption • Only one scheme will remain visible in all instances of the infection. • If virus scanner is based on string-driven detection, many different strings would have to be detected (one for each probable decryption scheme).

  21. Most complex form • AKA: Big Brother of all polymorphic viruses • Relies on its Mutation Engine – type of object module • Mutation Engine allows ANY virus to reach a polymorphic state by implementing specific codes to the program source code and linking modules able to generate random numbers

  22. Polymorphic Viruses • Very harmful • Can completely corrupt your system • Can go undetected for months

  23. Tequila • 1991 • First widespread polymorphic virus found • Polluted local executable files • When users ran infected program(s): a. appended itself to the hard disk’s file storage area b. altered Partition data c. modified the Master Boot Record to “point” to itself

  24. How the infected computers suffered • Had File Allocation Table errors • Terminal data loss

  25. How do you protect your PC from viruses?

  26. The answer is VERY simple…

  27. Convert to a MAC

  28. Take precautions to secure it • Make sure your operating system is up-to-date by:a. installing the latest patches andb. service updates • Use antivirus protection • Use a firewall • Lock down your wireless internet

  29. References • http://en.wikipedia.org/wiki/Computer_virus • http://searchsecurity.techtarget.com/definition/macro-virus • http://www.webopedia.com/TERM/M/macro_virus.html • http://www.cert.org/advisories/CA-1999-04.html • http://searchsecurity.techtarget.com/definition/Melissa-virus

  30. References • http://www.essortment.com/computer-tips-5-common-types-virus-28878.html • http://virus.wikia.com/wiki/Frodo • http://www.spamlaws.com/polymorphic-virus.html • http://vx.netlux.org/lib/static/vdat/polyevol.htm • http://www.infoplease.com/ipa/A0872842.html

More Related