DOCSLIB.ORG

Computer Viruses a Global Persp Ective

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Computer Viruses� a Global Persp Ective In Proceedings of the th Virus Bulletin International Conference Boston September Virus Bulletin Ltd Abingdon England pp Computer Viruses A Global Persp ective Steve R White Jerey O Kephart and David M Chess High Integrity Computing Lab oratory IBM Thomas J Watson Research Center PO Box Yorktown Heights NY Intro duction Technical accounts of computer viruses usually fo cus on the microscopic details of individual viruses their structure their function the typ e of host programs they infect etc The media tends to fo cus on the so cial implications of isolated scares Such views of the virus problem are useful but limited in scop e One of the missions of IBMs High Integrity Computing Lab oratory is to understand the virus problem from a global p ersp ective and to apply that knowledge to the development of antivirus technology and measures We have employed two complementary approaches observational and theoretical virus epidemiology Observation of a large sample p opulation for six years has given us a go o d understanding of many asp ects of virus prevalence and virus trends while our theoretical work has b olstered this understanding by suggesting some of the mechanisms that govern the b ehavior that we have observed In this pap er we review some of the main ndings of our previous work In brief we show that while thousands of DOS viruses exist to day less than of these have actually b een seen in real virus incidents Viruses do not tend to spread wildly Rather it takes months or years for a virus to b ecome widespread and even the most common aect only a small p ercentage of all computers Theoretical mo dels based on biological epidemiology can explain these ma jor features of computer virus spread Then we demonstrate some interesting trends that have b ecome apparent recently We examine several curious features of viral prevalence over the past few years including remarkable p eaks in virus rep orts the rise of b o otsectorinfecting viruses to account for almost all incidents to day and the near extinction of leinfecting viruses We show that antivirus software can b e remarkably eective within a given organization but that it is not resp onsible for the ma jor changes in viral prevalence worldwide Instead our study suggests that changes in the computing environment in cluding changes in machine typ es and op erating systems are the most imp ortant eects inuencing what kinds of viruses b ecome prevalent and how their prevalence changes Finally we lo ok at current trends in op erating systems and networking and attempt to predict their eect on the nature and extent of the virus problem in the coming years The Status of the Virus Problem To day Over the past decade computer viruses have gone from an academic curiosity to a p ersistent worldwide problem Viruses can b e written for and spread on virtually any computing platform While there have b een a few largescale networkbased incidents to date the more signicant problem has b een on micro computers Viruses are an ongoing p ersistent worldwide problem on every p opular micro computing platform In this section we shall rst review briey our metho ds for monitoring several asp ects of computer virus prevalence in the world Then we shall present a numb er of the most interesting observations We will attempt to explain these observations in later sections of the pap er Measuring Computer Virus Prevalence We have learned much ab out the extent of the PCDOS virus problem by collecting virus incident statistics from a xed wellmonitored sample p opulation of several hundred thousand PCs for six years The sample p opulation is international but biased towards the United States It is b elieved to b e typical of Fortune companies except for the fact that central incident management is used to monitor and control virus incidents Briey the lo cation and date of each virus incident is recorded along with the numb er of infected PCs and diskettes and the identity of the virus From these statistics we obtain more than just an understanding of the virus problem within our sample p opulation we also can infer several asp ects of the virus problem worldwide Figure illustrates how this is p ossible From the p ersp ective of one of the organizations that comprises our sample p opulation the world is full of computer viruses that are continually trying to p enetrate the semip ermeable b oundary that segregates that organization from the external world At a rate dep ending on the numb er of computer virus infections in the world the numb er of machines in the organization and the p ermeability of the b oundary a computer virus will so oner or later make its way into the orga nization This marks the b eginning of a virus incident Assuming that the p ermeability of the b oundary remains constant the numb er of virus incidents p er unit time p er machine within the set of organizations that makes up our sample p opulation should b e prop ortional to the numb er of computer virus infections in the world during that time p erio d In fact our measure will lag the actual gure somewhat since incidents are not always discovered immediately Observations of Computer Virus Prevalence As shown in Figure there are thousands of DOS viruses to day During the past several years the rate at which they have app eared worldwide has crept upwards to its present value of new viruses a day on average see Fig Note that the numb er of new viruses is not increasing exp onentially as is often claimed The rate of app earance of new viruses in the collections of antivirus workers has b een increasing gradually for several years at roughly a linear rate Thus the numb er of known viruses is growing quadratically at worst In fact almost nothing at all ab out viruses is increasing exp onentially The problem is signicant and it is growing somewhat worse but prophets of do om in this eld have p o or track records While there are thousands of DOS viruses less than of them have b een seen in actual virus incidents within the p opulation that we monitor These are the viruses that actually constitute a problem for the general p opulation of PC users It is very imp ortant that antivirus software detect viruses that have b een observed in the wild The remainder are rarely seen outside of the collections of antivirus groups like ours Although many of them might never spread signicantly viruses that are not prevalent remain of interest to the antivirus community We must always b e prepared for the p ossibility that a lowprole virus will start to b ecome prevalent This requires us to b e familiar with all viruses prevalent or not and to incorp orate a knowledge of as many of them 1 Further details ab out our metho ds for collecting and interpreting statistics can b e found in several references Org. Org. Penetration World Internal Spread World Figure Computer virus spread from an organizations p ersp ective White circles represent uninfected machines black circles represent infected machines and gray circles represent machines in the pro cess of b eing infected Throughout the world computer viruses spread among PCs many of them b eing detected and eradicated eventually Left Occasionally a virus p enetrates the b oundary separating the organization from the rest of the world initiating a virus incident Right The infection has spread to other PCs within the organization The numb er of PCs that will b e infected by the time the incident is discovered and cleaned up is referred to as the size of the incident Number of Different PC±DOS Viruses 4500 4000 3500 3000 2500 2000 Total Viruses 1500 Known to IBM 1000 500 Observed 0 1/1 7/1 1/1 7/1 1/1 7/1 1/1 7/1 1/1 7/1 1/1 7/1 1/1 7/1 1/1 7/1 1988 1989 1990 1991 1992 1993 1994 1995 Figure Cumulative numb er of viruses for which signatures have b een obtained by IBMs High Integrity Computing Lab oratory vs time There are thousands of viruses but only a few have b een seen in real incidents New PC±DOS Viruses Per Day 5 4 3 2 New Viruses Per Day 1 0 1/1 7/1 1/1 7/1 1/1 7/1 1/1 7/1 1/1 7/1 1/1 7/1 1/1 7/1 1/1 7/1 1988 1989 1990 1991 1992 1993 1994 1995 Figure The numb er of new viruses app earing worldwide p er day has b een increasing steadily as p ossible into antivirus software We continue to monitor the prevalence of al l viruses regardless of how prevalent they are at present Out of the several hundred viruses that have ever b een observed in actual incidents a mere handful account for most of the problem Figure shows the relative fraction of incidents caused by the ten most prevalent viruses in the world in the past year These ten account for over two thirds of all incidents The one hundred other viruses that have b een seen in incidents in the past year account for less than a third of the incidents Most of these were seen in just a single incident Curiously the ten most prevalent viruses are all b o ot viruses Bo ot viruses infect b o ot sectors of diskettes and hard disks When a system is b o oted from an infected diskette its hard disk b ecomes infected Typically any nonwriteprotected diskette that is used in the system thereafter also b ecomes infected spreading the virus The dominance of b o ot viruses is esp ecially striking when one takes into account the fact that of the thousands of known DOS viruses only ab out are b o ot sector infectors Bo ot viruses have not always b een dominant Three years ago the second and third most prevalent viruses were le infectors as were of the top The total incident rates for b o ot infectors and le infectors
Load more

Recommended publications
  • A the Hacker
    A The Hacker Madame Curie once said “En science, nous devons nous int´eresser aux choses, non aux personnes [In science, we should be interested in things, not in people].” Things, however, have since changed, and today we have to be interested not just in the facts of computer security and crime, but in the people who perpetrate these acts. Hence this discussion of hackers. Over the centuries, the term “hacker” has referred to various activities. We are familiar with usages such as “a carpenter hacking wood with an ax” and “a butcher hacking meat with a cleaver,” but it seems that the modern, computer-related form of this term originated in the many pranks and practi- cal jokes perpetrated by students at MIT in the 1960s. As an example of the many meanings assigned to this term, see [Schneier 04] which, among much other information, explains why Galileo was a hacker but Aristotle wasn’t. A hack is a person lacking talent or ability, as in a “hack writer.” Hack as a verb is used in contexts such as “hack the media,” “hack your brain,” and “hack your reputation.” Recently, it has also come to mean either a kludge, or the opposite of a kludge, as in a clever or elegant solution to a difficult problem. A hack also means a simple but often inelegant solution or technique. The following tentative definitions are quoted from the jargon file ([jargon 04], edited by Eric S. Raymond): 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
    [Show full text]
  • Hacks, Cracks, and Crime: an Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by University of Missouri, St. Louis University of Missouri, St. Louis IRL @ UMSL Dissertations UMSL Graduate Works 11-22-2005 Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St. Louis, [email protected] Follow this and additional works at: https://irl.umsl.edu/dissertation Part of the Criminology and Criminal Justice Commons Recommended Citation Holt, Thomas Jeffrey, "Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers" (2005). Dissertations. 616. https://irl.umsl.edu/dissertation/616 This Dissertation is brought to you for free and open access by the UMSL Graduate Works at IRL @ UMSL. It has been accepted for inclusion in Dissertations by an authorized administrator of IRL @ UMSL. For more information, please contact [email protected]. Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers by THOMAS J. HOLT M.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2003 B.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2000 A DISSERTATION Submitted to the Graduate School of the UNIVERSITY OF MISSOURI- ST. LOUIS In partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in Criminology and Criminal Justice August, 2005 Advisory Committee Jody Miller, Ph. D. Chairperson Scott H. Decker, Ph. D. G. David Curry, Ph. D. Vicki Sauter, Ph. D. Copyright 2005 by Thomas Jeffrey Holt All Rights Reserved Holt, Thomas, 2005, UMSL, p.
    [Show full text]
  • Virus Infection Techniques: Boot Record Viruses
    Virus Infection Techniques: Boot Record Viruses Bill Harrison CS4440/7440 Malware Analysis and Defense Reading } Start reading Chapter 4 of Szor 2 Virus Infection Techniques } We will survey common locations of virus infections: MBR (Master Boot Record) Boot sector Executable files (*.EXE, *.COM, *.BAT, etc.) } Most of the examples of these viruses, especially the first two types, are from the DOS and floppy disk era 3 Why Study Older Viruses? } Vulnerabilities remain very similar over time, along with the means to exploit them and defend against them } Modern Internet worms differ mainly in the use of the internet for transport, and are otherwise similar to older viruses } Older viruses illustrate the virus vs. antivirus battle over many generations 4 Boot-up Infections and the PC Boot-up Sequence } PC boot-up sequence: 1. BIOS searches for boot device (might be a diskette, hard disk, or CD-ROM) 2. MBR (Master Boot Record) is read into memory from the beginning of the first disk partition; execution proceeds from memory 5 Master Boot Record Structure Boot-up Sequence cont’d. 3. Beginning of MBR has tiny code called the boot- strap loader 4. Data area within MBR has the disk PT (partition table) 5. Boot-strap loader reads PT and finds the active boot partition 6. Boot-strap loader loads the first sector of the active partition into memory and jumps to it; this is called the boot sector 7 Boot-up Sequence cont’d. } MBR is always at BIOS the very first sector of the hard MBR: Expanded View MBR Boot-strap loader code (446 disk (first 512
    [Show full text]
  • IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions
    IBM Security Solutions May 2011 IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions Contents About the report 2 About the Report The IBM X-Force® Threat Insight Quarterly is designed to highlight some of the most significant threats and challenges 3 Evolution: From Nuisance to Weapon facing security professionals today. This report is a product of IBM Managed Security Services and the IBM X-Force 8 Prolific and Impacting Issues of Q1 2011 research and development team. Each issue focuses on specific challenges and provides a recap of the most significant recent 16 References online threats. IBM Managed Security Services are designed to help an organization improve its information security, by outsourcing security operations or supplementing your existing security teams. The IBM protection on-demand platform helps deliver Managed Security Services and the expertise, knowledge and infrastructure an organization needs to secure its information assets from Internet attacks. The X-Force team provides the foundation for a preemptive approach to Internet security. The X-Force team is one of the best-known commercial security research groups in the world. This group of security experts researches and evaluates vulnerabilities and security issues, develops assessment and countermeasure technology for IBM security products, and educates the public about emerging Internet threats. We welcome your feedback. Questions or comments regarding the content of this report should be addressed to [email protected]. 3 X-Force Threat Insight Quarterly IBM Security Solutions Evolution: From Nuisance to Weapon One of the more notable examples here is Brain3, a boot sector infector which originated in Pakistan and released in 1986, was Creeper, Wabbit, Animal, Elk Cloner, Brain, Vienna, Lehigh, one of the first examples of malware that infected PC’s running Stoned, Jerusalem.
    [Show full text]
  • Virus Bulletin, July 91
    July 1991 ISSN 0956-9979 THE AUTHORITATIVE INTERNATIONAL PUBLICATION ON COMPUTER VIRUS PREVENTION, RECOGNITION AND REMOVAL Editor: Edward Wilding Technical Editor: Fridrik Skulason, University of Iceland Editorial Advisors: Jim Bates, Bates Associates, UK, Phil Crewe, Fingerprint, UK, David Ferbrache, ISIS Ltd., UK, Ray Glath, RG Software Inc., USA, Hans Gliss, Datenschutz Berater, West Germany, Ross M. Greenberg, Software Concepts Design, USA, Dr. Harold Joseph Highland, Compulit Microcomputer Security Evaluation Laboratory, USA, Dr. Jan Hruska, Sophos, UK, Dr. Keith Jackson, Walsham Contracts, UK, Owen Keane, Barrister, UK, John Laws, RSRE, UK, David T. Lindsay, Digital Equipment Corporation, UK, Yisrael Radai, Hebrew University of Jerusalem, Israel, Martin Samociuk, Network Security Management, UK, John Sherwood, Sherwood Associates, UK, Prof. Eugene Spafford, Purdue University, USA, Dr. Peter Tippett, Certus International Corporation, USA, Dr. Ken Wong, PA Consulting Group, UK, Ken van Wyk, CERT, USA. CONTENTS SCANNER UPDATE IBM Triumphs Amidst the ‘Vapourware’ 34 EDITORIAL 2 Results Table 35 TECHNICAL NOTES 3 TUTORIAL PRODUCT REVIEWS Fixed Disk Boot Sectors and 1. SafeWord Virus-Safe 36 Post-Attack Recovery 5 2. Knoxcard: Anti-Virus Hardware 38 Virus Bulletin Education, Training & Awareness Presentations 9 3. Trend Micro Devices’ PC-cillin 40 LETTERS SHAREWARE REVIEW VB Signatures With IBM’s Virscan 10 PC Virus Index 42 Vetting Procedure 10 KNOWN IBM PC VIRUSES 12 END-NOTES & NEWS 44 VIRUS BULLETIN ©1991 Virus Bulletin Ltd, 21 The Quadrant, Abingdon Science Park, Oxon, OX14 3YS, England. Tel (+44) 235 555139. /90/$0.00+2.50 This bulletin is available only to qualified subscribers. No part of this publication may be reproduced, stored in a retrieval system, or transmitted by any form or by any means, electronic, magnetic, optical or photocopying, without the prior written permission of the publishers.
    [Show full text]
  • CIAC 2301 Virus Update May 1998
    Department of Energy CIAC UCRL-MA-115896 Rev. 6 Computer Incident Advisory Capability Virus Information Update CIAC-2301 Gizzing H. Khanaka William J. Orvis May 21, 1998 Lawrence Livermore National Laboratory DISCLAIMER This document was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor the University of California nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or the University of California. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or the University of California, and shall not be used for advertising or product endorsement purposes. This report has been reproduced directly from the best available copy. Available to DOE and DOE contractors from the Office of Scientific and Technical Information P.O. Box 62, Oak Ridge, TN 37831 Prices available from (615) 576-8401, FTS 626-8401. Available to the public from the National Technical Information Service U.S. Department of Commerce 5285 Port Royal Rd. Springfield, VA 22161 CIAC is the U.S. Department of Energy’s Computer Incident Advisory Capability. Established in 1989, shortly after the Internet Worm, CIAC provides various computer security services to employees and contractors of the DOE, such as: • Incident Handling consulting • Computer Security Information • On-site Workshops • White-hat Audits CIAC is located at Lawrence Livermore National Laboratory and is a part of its Computer Security Technology Center.
    [Show full text]
  • An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St
    University of Missouri, St. Louis IRL @ UMSL Dissertations UMSL Graduate Works 11-22-2005 Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St. Louis, [email protected] Follow this and additional works at: https://irl.umsl.edu/dissertation Part of the Criminology and Criminal Justice Commons Recommended Citation Holt, Thomas Jeffrey, "Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers" (2005). Dissertations. 616. https://irl.umsl.edu/dissertation/616 This Dissertation is brought to you for free and open access by the UMSL Graduate Works at IRL @ UMSL. It has been accepted for inclusion in Dissertations by an authorized administrator of IRL @ UMSL. For more information, please contact [email protected]. Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers by THOMAS J. HOLT M.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2003 B.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2000 A DISSERTATION Submitted to the Graduate School of the UNIVERSITY OF MISSOURI- ST. LOUIS In partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in Criminology and Criminal Justice August, 2005 Advisory Committee Jody Miller, Ph. D. Chairperson Scott H. Decker, Ph. D. G. David Curry, Ph. D. Vicki Sauter, Ph. D. Copyright 2005 by Thomas Jeffrey Holt All Rights Reserved Holt, Thomas, 2005, UMSL, p. ii ABSTRACT This dissertation examines both the subculture and social organization practices of computer hackers. The concept of normative orders (Herbert, 1998: 347) is used to explore hacker subculture in different contexts.
    [Show full text]
  • Compliments of Edited by Linda Mccarthy and Denise Weldon-Siviy
    Compliments of Edited by Linda McCarthy and Denise Weldon-Siviy page press Smart Books for Smart People® The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. All trademarks are the property of their respective owners. Publisher: Linda McCarthy Editor in Chief: Denise Weldon-Siviy Managing Editor: Linda McCarthy Cover designer: Alan Clements Cover artist: Nina Matsumoto Interior artist: Heather Dixon Web design: Eric Tindall and Ngenworks Indexer: Joy Dean Lee Interior design and composition: Kim Scott, Bumpy Design Content distribution: Keith Watson The publisher offers printed discounts on this book when ordered in quantity for bulk purchases, or special sales, which may include electronic versions and/or custom covers and content particular to your business, training, goals, marketing focus, and branding interests. For more information, please contact: U.S. Corporate and Education Sales (510) 220-8865 Except where otherwise noted, content in this publication is licensed under the Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License, available at http://creativecommons.org/licenses/by-sa/3.0/us/legalcode. ISBN 978-0-615-37366-9 Library of Congress Cataloging-in-publication Data McCarthy, Linda Own your space : keep yourself and your stuff safe online / Linda McCarthy. ISBN 978-0-615-37366-9 (electronic) 1. Computer security. 2. Computers and children.
    [Show full text]
  • Hacker, Hoaxer, Whistleblower, Spy: the Story of Anonymous
    hacker, hoaxer, whistleblower, spy hacker, hoaxer, whistleblower, spy the many faces of anonymous Gabriella Coleman London • New York First published by Verso 2014 © Gabriella Coleman 2014 The partial or total reproduction of this publication, in electronic form or otherwise, is consented to for noncommercial purposes, provided that the original copyright notice and this notice are included and the publisher and the source are clearly acknowledged. Any reproduction or use of all or a portion of this publication in exchange for financial consideration of any kind is prohibited without permission in writing from the publisher. The moral rights of the author have been asserted 1 3 5 7 9 10 8 6 4 2 Verso UK: 6 Meard Street, London W1F 0EG US: 20 Jay Street, Suite 1010, Brooklyn, NY 11201 www.versobooks.com Verso is the imprint of New Left Books ISBN-13: 978-1-78168-583-9 eISBN-13: 978-1-78168-584-6 (US) eISBN-13: 978-1-78168-689-8 (UK) British Library Cataloguing in Publication Data A catalogue record for this book is available from the British library Library of Congress Cataloging-in-Publication Data A catalog record for this book is available from the library of congress Typeset in Sabon by MJ & N Gavan, Truro, Cornwall Printed in the US by Maple Press Printed and bound in the UK by CPI Group Ltd, Croydon, CR0 4YY I dedicate this book to the legions behind Anonymous— those who have donned the mask in the past, those who still dare to take a stand today, and those who will surely rise again in the future.
    [Show full text]
  • Twenty Years Before the Mouse
    Twenty years before the mouse. Aryeh Goretsky Distinguished Researcher Table of Contents Introduction 3 Fiat Lux 4 Brain Damage: Rootkits 1980s-Style 4 On-the-Job Training 5 Ransomware: Then and Now 5 War of the Parasites 6 Writing Viruses for Fun and Profit 9 Somebody Set Us Up the Bomb 11 Profits of Doom 12 This Way to the Egress 16 Acknowledgements 17 Sources 18 Title note: With apologies to author Charles Erskine’s “Twenty Years Before the Mast: With the more thrilling scenes and incidents while circumnavigating the globe under the command of the late Admiral Charles Wilkes 1838-1842.” Boston (privately printed), 1890. 2 Twenty years before the mouse Introduction For the past several years, I have been deep in the dark bowels of ESET, LLC’s Research Department—as the department’s Special Projects Manager, working on tasks that are vital at antivirus companies but generally go unnoticed by the public, testing things, making things, aggregating data from disparate sources, providing commentary and analysis and all the other myriad tasks one has to perform as a manager. One such regular responsibility is drafting new research topics alongside security expert Jeff Debrosse, the head of Research at ESET. Jeff is no stranger to visitors of ESET, LLC’s blog or readers of its white papers. He has written many of both and has been involved in the creation of others to varying extents. But as Senior Director, he is not just a frequent author or speaker but responsible for the operation of the department as well. And that means occasionally getting one of us to write a white paper.
    [Show full text]
  • Class -VII Super Computer Exercise Corner Specimen Copy Year- 2020-21
    s Class -VII Super Computer Exercise Corner Specimen Copy Year- 2020-21 Page 1 CH-9 Computer Security Focus of the chapter 1. Computer Virus 2. Symptoms of virus 3. Types of virus 4. Other harmful programs 5. Antivirus software Keywords Virus – a program designed to perform undesired and malicious actions. Spam –Unsolicited and unwanted email Trojan Horse – a harmful program that damages the computer once it runs. Quarantining – isolation of a file by antivirus software Checkpoint Fill in the blanks. 1. The term Malware is formed by the combination of the words – malicious and software. 2. A virus can infect the files in your computer. 3. Elk Cloner, Brain, Disk killer and stoned virus are types of boot sector viruses. 4. A file infector virus infects program and executable files. 5. Spam refers to unsolicited and unwanted email. 6. Elkern, Marburg, Satan Bug and Tuareg are examples of Polymorphic viruses Page 2 Checkpoint A. Match the columns. 1 Trojan Horse a runs in the background of another file. 2 Worm b An Advertising Supported software 3 Backdoor virus c Although safe, but damages the system once it runs 4 Spyware d Can multiply itself over a network 5 Adware e Collects information about the Internet surfing habits of the user Ans. 1 – c 2 – d 3 – a 4 – e 5 - b B. Fill in the blanks. 1. Quarantining a file is the first action performed by an antivirus software. 2. In repairing method, the antivirus removes the virus code and repairs the file. 3. Repairing a file is the best method to remove a virus code and restore the file to its original form.
    [Show full text]
  • A Computer Virus Primer
    Purdue University Purdue e-Pubs Department of Computer Science Technical Reports Department of Computer Science 1989 A Computer Virus Primer Eugene H. Spafford Purdue University, [email protected] Kathleen A. Heaphy David J. Ferbrache Report Number: 89-935 Spafford, Eugene H.; Heaphy, Kathleen A.; and Ferbrache, David J., "A Computer Virus Primer" (1989). Department of Computer Science Technical Reports. Paper 795. https://docs.lib.purdue.edu/cstech/795 This document has been made available through Purdue e-Pubs, a service of the Purdue University Libraries. Please contact [email protected] for additional information. A COMPUTER VIRUS PRIMER Eugene H. Spafford Kathleen A. Heaphy David J. Ferbrache CSD TR-935 November 1989 A Computer Virus Primer1 Purdue University Technical Report CSD-TR-935 Eugene H. Spafford Kathleen A. Heaphy David J. Ferbrache 28 November 1989 1@ Copyright 1989 by ADAPSO, Inc. and Eugene H. SpaJford. All rights reserved. Abstract There has been considerable interest of late in computer viruses. Much of the information available is either of a highly theoretical nature, or describes a specific set of viruses. Neither is useful for providing an overview of how computer viruses work or how to protect against them. This report is a condensed explanation of viruses-their history, structure, and some information on how to deal with their threat. It should provide a general introduction to the topic without requiring the understanding of excessive detail. The interested reader is directed to the book from which this report is derived for further infor­ mation, including references to related works and sources, more technical detail, and information on some of the legal aspects ofcomputer viruses: Computer Viruses: Dealing with Electronic Vandalism and Programmed Threats, E.
    [Show full text]