DOCSLIB.ORG

Computer Viruses. Technology Update. INSTITUTION Kent State Univ., OH

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Computer Viruses. Technology Update. INSTITUTION Kent State Univ., OH DOCUMENT RESUME ED 412 892 IR 018 338 AUTHOR Ponder, Tim, Comp.; Ropog, Marty, Comp.; Keating, Joseph, Comp. TITLE Computer Viruses. Technology Update. INSTITUTION Kent State Univ., OH. Ohio Literacy Resource Center. PUB DATE 1997-00-00 NOTE 5p.; Compiled from information from the Internet. AVAILABLE FROM Available on the World Wide Web at: http://literacy.kent.edu/oasis/pubs/0500-4.html PUB TYPE Reports Descriptive (141) EDRS PRICE MF01/PC01 Plus Postage. DESCRIPTORS *Computer Networks; *Computer Security; Computer Software; Disk Drives; Floppy Disks; Information Sources; Information Technology; Microcomputers; *Prevention; Problems; Risk Management; Technical Assistance IDENTIFIERS *Computer Viruses; Data Security ABSTRACT This document provides general information on computer viruses, how to help protect a computer network from them, measures to take if a computer becomes infected. Highlights include the origins of computer viruses; virus contraction; a description of some common virus types (File Virus, Boot Sector/Partition Table Viruses, Trojan Horses, and Stealth Viruses); and prevention. A list of common virus symptoms and resources for technical support are included.(AEF) **************************** ***** *********************************************** Reproductions supplied by EDRS are the best that can be made from the original document. ******************************************************************************** 039-0500-0004 hio MARCH 1997 Literacy Enhancing adult literacy in the State of Ohio Resource TECHNOLOGY UPDATE Center EDUCATION U,S. DEPARTMENT OFand Improvement Office of Educational Research EDUCATIONAL RESOURCESINFORMATION "PERMISSION TO REPRODUCE THIS CENTER (ERIC) reproduced as MATERIAL HAS BEEN GRANTED Bt T his document has been received from the person ororganization originating it. Tim Ponder Minor changes have beenmade to improve reproductionquality. COMPUTER VI RUSES stated in this Points of view or opinions document do not necessarilyrepresent official OERI position orpolicy. TO THE EDUCATIONAL RESOURCE: INFORMATION CENTER (ERIC)." COMPUTER. VIRUS:reactions to hearing those university labs - to demonstrate the "potential" words vary greatly. Too often, the reaction is one of threat that such software codes could provide. By two extremes. Either the computer users ignore the 1987, viruses began showing up at several chance of a virus, or they become overly concerned universities around the world. Three of the most CASCADE to the point of not wanting to use the computer for common of today's viruses - STONED, fear of contracting a virus. and FRIDAY THE 13* - fast appeared that year. Computer viruses are very real threats. They Serious outbreaks of these viruses began to DATACRIME can be simply annoying, requiring time to remove appear over the next two years. The and clean up. On the and FRIDAY THE 13* viruses became major media the opposite end of the events. Surprisingly, Bulgaria became known as spectrum, they can be world's Virus Factory in 1990 because of the high very destructive, number of viruses created there. The NCSA destroying data with (National Computer Security Association) found little or no warning. that Bulgaria, home of the notorious Dark Avenger, Viruses are more originated 76 viruses that year, making it the prevalent today than world's single largest virus contributor. Analysts ever, but so are tools believe that Bulgaria's mass production of viruses is due in part to the abundance of well trained but j÷"., Pftlit+LSJOINOCED and techniques to avoid them. To deal unemployed programmers; with nothing to do, with viruses, a user these individuals tried their hand at virus needs to know a bit about them, practice a few good production, with unfortunately successful results. habits, run an effective anti-virus program, and This growing activity of virus production know what to do if one does strike. convinced the computer industry that viruses were a The first sections focus on general virus serious threat and defensive measures should be information. Following that is a list of things to do developed. IBM created its High Integrity and not to do in order to help protect a computer or Computing Laboratory to lead Big Blue's anti-virus network as well as measures to take if a computer research. Symantec, which began offering does become infected. The last section contains Symantec Anti-Virus, was one of the first several resources to find more information. commercially available virus defenses. This new 1:,c) technology came none too soon. By 1991, the first (1) POLYMORPHIC viruses - that can, like the AIDS tr) ORIGIN$ OF COMF'UTER VJRUSKS( virus in humans, change their shape to elude Jo detection - began to spread and attack in significant O As recent as the mid-80's computer viruses did numbers. During that year, the total viruses began not exist. The first viruses were created in to swell, topping some 1,000 for the first time. 2 BEST COPY AVAILABLE VIRUS CONTRACTION The virus inserts its own code in any part of the file. Provided it changes the host's code, the program execution is misdirected so that it executes the virus Viruses come from a variety of sources. Because code first, rather than the legitimate program. a virus is software code, it can be transmitted along with any legitimate software that enters your Boot Sector/Partition Table Viruses environment. While there are only about 200 different boot In a 1991 study of major U.S. and Canadian sector viruses, they make up 75 percent of allvirus computer users by the market research firm infections. Boot sector viruses include Stoned, the Dataquest for the National Computer Security most common of all time, and Michelangelo, perhaps Association, most users blamed an infected the most notorious. These viruses are so prevalent diskette (87 percent). Forty-three percent of because they are harder to detect, since they do not the diskettes responsible for introducing a change a file size or slow performance, and are fairly virus into a corporate computing environment invisible until their trigger event occurs - such as the were brought from home. reformatting of a hard disk. They also spread rapidly. Nearly three-quarters (71 percent) of The boot sector virus infects floppy disks and infections occurred in a networked hard disks by inserting itself into the boot sector of the environment, making rapid spread a serious disk, which contains code that's executed during the risk. With networking, enterprise computing system boot process. Booting from an infectedfloppy and inter-organizational communication on allows the virus to jump to the computer's harddisk. the increase, infection during The virus executes first and gains control of the telecommunication and networking is system boot even before MS-DOS is loaded.Because growing. the virus executes before the operating system is Seven percent said they had acquired their loaded, it is not MS-DOS specific and can infect any virus while downloading software from an PC operating system platform - MS-DOS, Windows, electronic bulletin board service. OS/2, PC-NFS, or Windows NT. Other sources of infected diskettes included The virus goes into RAM, and infects every disk demo disks, diagnostic disks used by service that is accessed until the computer is rebooted and the technicians and shrink-wrapped software virus is removed from memory. Because theseviruses disks - contributing six percent of reported are memory resident, they canbe detected by running infections. CHKDSK to view the amount of RAM and observeif the expected total has declined by a few kilobytes. TEC1-111 I CAL OVPRVI E,& Partition table viruses attack the hard disk partition table by moving it to a different sector and replacing Viruses are small software programs. At the very the original partition table with its own infectious least, to be considered a virus, these programs must code. These viruses spread from the partitiontable to be able to replicate themselves. They do this by the boot sector of floppy disks as floppies are exploiting computer code already on the host system. accessed. The virus can infect, or become resident in, almost any software component, including an application, Trojan Horses operating system, system boot code or device driver. Like its namesake, the Trojan Horse virus Viruses gain control over their host in various ways. typically masquerades as something desirable -like a The following is a summary of some more common legitimate software program. The Trojan Horse virus types, how they function, and how you can generally does not replicate (but some cases of fight them. replication have been discovered). This virus type generally waits for a triggering event like displaying a File Virus message or reformatting a harddisk before it performs the infection. Most of the thousands of viruses known to exist are file viruses, including the FRIDAY THE13th Stealth Viruses virus. They infect file by attaching themselves to a Stealth viruses have special engineering that file, generally an executable file - the .EXE and enables them to elude detection by traditionalanti- .COM files that control applications and programs. virus tools. The stealth virus adds itself to afile or -2- 3 boot sector but, when you examine the host to scan any files downloaded immediately after software, it appears normal and unchanged. The saving. Or, better yet, set your virus software to do stealth virus performs this trickery by lurking in this automatically. Another good habit is to be memory when executed. There it monitorsand careful where you download from. Large sites such intercepts your system's MS-DOS calls. When the as www.shareware.com or software andhardware system seeks to open an infected file, the stealth companies are generally safer. Individuals on the virus races ahead, uninfects the file and allows MS- Web may not have taken as many precautions. DOS to open it - all appears normal. When MS- DOS closes the file, the virus reverses these actions, As mentioned, a virus is generally carried in reinfecting the file. programs that do something, such as zip, com, bat and exe files.
Load more

Recommended publications
  • A the Hacker
    A The Hacker Madame Curie once said “En science, nous devons nous int´eresser aux choses, non aux personnes [In science, we should be interested in things, not in people].” Things, however, have since changed, and today we have to be interested not just in the facts of computer security and crime, but in the people who perpetrate these acts. Hence this discussion of hackers. Over the centuries, the term “hacker” has referred to various activities. We are familiar with usages such as “a carpenter hacking wood with an ax” and “a butcher hacking meat with a cleaver,” but it seems that the modern, computer-related form of this term originated in the many pranks and practi- cal jokes perpetrated by students at MIT in the 1960s. As an example of the many meanings assigned to this term, see [Schneier 04] which, among much other information, explains why Galileo was a hacker but Aristotle wasn’t. A hack is a person lacking talent or ability, as in a “hack writer.” Hack as a verb is used in contexts such as “hack the media,” “hack your brain,” and “hack your reputation.” Recently, it has also come to mean either a kludge, or the opposite of a kludge, as in a clever or elegant solution to a difficult problem. A hack also means a simple but often inelegant solution or technique. The following tentative definitions are quoted from the jargon file ([jargon 04], edited by Eric S. Raymond): 1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.
    [Show full text]
  • Hacks, Cracks, and Crime: an Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by University of Missouri, St. Louis University of Missouri, St. Louis IRL @ UMSL Dissertations UMSL Graduate Works 11-22-2005 Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St. Louis, [email protected] Follow this and additional works at: https://irl.umsl.edu/dissertation Part of the Criminology and Criminal Justice Commons Recommended Citation Holt, Thomas Jeffrey, "Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers" (2005). Dissertations. 616. https://irl.umsl.edu/dissertation/616 This Dissertation is brought to you for free and open access by the UMSL Graduate Works at IRL @ UMSL. It has been accepted for inclusion in Dissertations by an authorized administrator of IRL @ UMSL. For more information, please contact [email protected]. Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers by THOMAS J. HOLT M.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2003 B.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2000 A DISSERTATION Submitted to the Graduate School of the UNIVERSITY OF MISSOURI- ST. LOUIS In partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in Criminology and Criminal Justice August, 2005 Advisory Committee Jody Miller, Ph. D. Chairperson Scott H. Decker, Ph. D. G. David Curry, Ph. D. Vicki Sauter, Ph. D. Copyright 2005 by Thomas Jeffrey Holt All Rights Reserved Holt, Thomas, 2005, UMSL, p.
    [Show full text]
  • Virus Infection Techniques: Boot Record Viruses
    Virus Infection Techniques: Boot Record Viruses Bill Harrison CS4440/7440 Malware Analysis and Defense Reading } Start reading Chapter 4 of Szor 2 Virus Infection Techniques } We will survey common locations of virus infections: MBR (Master Boot Record) Boot sector Executable files (*.EXE, *.COM, *.BAT, etc.) } Most of the examples of these viruses, especially the first two types, are from the DOS and floppy disk era 3 Why Study Older Viruses? } Vulnerabilities remain very similar over time, along with the means to exploit them and defend against them } Modern Internet worms differ mainly in the use of the internet for transport, and are otherwise similar to older viruses } Older viruses illustrate the virus vs. antivirus battle over many generations 4 Boot-up Infections and the PC Boot-up Sequence } PC boot-up sequence: 1. BIOS searches for boot device (might be a diskette, hard disk, or CD-ROM) 2. MBR (Master Boot Record) is read into memory from the beginning of the first disk partition; execution proceeds from memory 5 Master Boot Record Structure Boot-up Sequence cont’d. 3. Beginning of MBR has tiny code called the boot- strap loader 4. Data area within MBR has the disk PT (partition table) 5. Boot-strap loader reads PT and finds the active boot partition 6. Boot-strap loader loads the first sector of the active partition into memory and jumps to it; this is called the boot sector 7 Boot-up Sequence cont’d. } MBR is always at BIOS the very first sector of the hard MBR: Expanded View MBR Boot-strap loader code (446 disk (first 512
    [Show full text]
  • IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions
    IBM Security Solutions May 2011 IBM X-Force Threat Insight Quarterly 2 X-Force Threat Insight Quarterly IBM Security Solutions Contents About the report 2 About the Report The IBM X-Force® Threat Insight Quarterly is designed to highlight some of the most significant threats and challenges 3 Evolution: From Nuisance to Weapon facing security professionals today. This report is a product of IBM Managed Security Services and the IBM X-Force 8 Prolific and Impacting Issues of Q1 2011 research and development team. Each issue focuses on specific challenges and provides a recap of the most significant recent 16 References online threats. IBM Managed Security Services are designed to help an organization improve its information security, by outsourcing security operations or supplementing your existing security teams. The IBM protection on-demand platform helps deliver Managed Security Services and the expertise, knowledge and infrastructure an organization needs to secure its information assets from Internet attacks. The X-Force team provides the foundation for a preemptive approach to Internet security. The X-Force team is one of the best-known commercial security research groups in the world. This group of security experts researches and evaluates vulnerabilities and security issues, develops assessment and countermeasure technology for IBM security products, and educates the public about emerging Internet threats. We welcome your feedback. Questions or comments regarding the content of this report should be addressed to [email protected]. 3 X-Force Threat Insight Quarterly IBM Security Solutions Evolution: From Nuisance to Weapon One of the more notable examples here is Brain3, a boot sector infector which originated in Pakistan and released in 1986, was Creeper, Wabbit, Animal, Elk Cloner, Brain, Vienna, Lehigh, one of the first examples of malware that infected PC’s running Stoned, Jerusalem.
    [Show full text]
  • Virus Bulletin, July 91
    July 1991 ISSN 0956-9979 THE AUTHORITATIVE INTERNATIONAL PUBLICATION ON COMPUTER VIRUS PREVENTION, RECOGNITION AND REMOVAL Editor: Edward Wilding Technical Editor: Fridrik Skulason, University of Iceland Editorial Advisors: Jim Bates, Bates Associates, UK, Phil Crewe, Fingerprint, UK, David Ferbrache, ISIS Ltd., UK, Ray Glath, RG Software Inc., USA, Hans Gliss, Datenschutz Berater, West Germany, Ross M. Greenberg, Software Concepts Design, USA, Dr. Harold Joseph Highland, Compulit Microcomputer Security Evaluation Laboratory, USA, Dr. Jan Hruska, Sophos, UK, Dr. Keith Jackson, Walsham Contracts, UK, Owen Keane, Barrister, UK, John Laws, RSRE, UK, David T. Lindsay, Digital Equipment Corporation, UK, Yisrael Radai, Hebrew University of Jerusalem, Israel, Martin Samociuk, Network Security Management, UK, John Sherwood, Sherwood Associates, UK, Prof. Eugene Spafford, Purdue University, USA, Dr. Peter Tippett, Certus International Corporation, USA, Dr. Ken Wong, PA Consulting Group, UK, Ken van Wyk, CERT, USA. CONTENTS SCANNER UPDATE IBM Triumphs Amidst the ‘Vapourware’ 34 EDITORIAL 2 Results Table 35 TECHNICAL NOTES 3 TUTORIAL PRODUCT REVIEWS Fixed Disk Boot Sectors and 1. SafeWord Virus-Safe 36 Post-Attack Recovery 5 2. Knoxcard: Anti-Virus Hardware 38 Virus Bulletin Education, Training & Awareness Presentations 9 3. Trend Micro Devices’ PC-cillin 40 LETTERS SHAREWARE REVIEW VB Signatures With IBM’s Virscan 10 PC Virus Index 42 Vetting Procedure 10 KNOWN IBM PC VIRUSES 12 END-NOTES & NEWS 44 VIRUS BULLETIN ©1991 Virus Bulletin Ltd, 21 The Quadrant, Abingdon Science Park, Oxon, OX14 3YS, England. Tel (+44) 235 555139. /90/$0.00+2.50 This bulletin is available only to qualified subscribers. No part of this publication may be reproduced, stored in a retrieval system, or transmitted by any form or by any means, electronic, magnetic, optical or photocopying, without the prior written permission of the publishers.
    [Show full text]
  • CIAC 2301 Virus Update May 1998
    Department of Energy CIAC UCRL-MA-115896 Rev. 6 Computer Incident Advisory Capability Virus Information Update CIAC-2301 Gizzing H. Khanaka William J. Orvis May 21, 1998 Lawrence Livermore National Laboratory DISCLAIMER This document was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor the University of California nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government or the University of California. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or the University of California, and shall not be used for advertising or product endorsement purposes. This report has been reproduced directly from the best available copy. Available to DOE and DOE contractors from the Office of Scientific and Technical Information P.O. Box 62, Oak Ridge, TN 37831 Prices available from (615) 576-8401, FTS 626-8401. Available to the public from the National Technical Information Service U.S. Department of Commerce 5285 Port Royal Rd. Springfield, VA 22161 CIAC is the U.S. Department of Energy’s Computer Incident Advisory Capability. Established in 1989, shortly after the Internet Worm, CIAC provides various computer security services to employees and contractors of the DOE, such as: • Incident Handling consulting • Computer Security Information • On-site Workshops • White-hat Audits CIAC is located at Lawrence Livermore National Laboratory and is a part of its Computer Security Technology Center.
    [Show full text]
  • An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St
    University of Missouri, St. Louis IRL @ UMSL Dissertations UMSL Graduate Works 11-22-2005 Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers Thomas Jeffrey Holt University of Missouri-St. Louis, [email protected] Follow this and additional works at: https://irl.umsl.edu/dissertation Part of the Criminology and Criminal Justice Commons Recommended Citation Holt, Thomas Jeffrey, "Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers" (2005). Dissertations. 616. https://irl.umsl.edu/dissertation/616 This Dissertation is brought to you for free and open access by the UMSL Graduate Works at IRL @ UMSL. It has been accepted for inclusion in Dissertations by an authorized administrator of IRL @ UMSL. For more information, please contact [email protected]. Hacks, Cracks, and Crime: An Examination of the Subculture and Social Organization of Computer Hackers by THOMAS J. HOLT M.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2003 B.A., Criminology and Criminal Justice, University of Missouri- St. Louis, 2000 A DISSERTATION Submitted to the Graduate School of the UNIVERSITY OF MISSOURI- ST. LOUIS In partial Fulfillment of the Requirements for the Degree DOCTOR OF PHILOSOPHY in Criminology and Criminal Justice August, 2005 Advisory Committee Jody Miller, Ph. D. Chairperson Scott H. Decker, Ph. D. G. David Curry, Ph. D. Vicki Sauter, Ph. D. Copyright 2005 by Thomas Jeffrey Holt All Rights Reserved Holt, Thomas, 2005, UMSL, p. ii ABSTRACT This dissertation examines both the subculture and social organization practices of computer hackers. The concept of normative orders (Herbert, 1998: 347) is used to explore hacker subculture in different contexts.
    [Show full text]
  • Compliments of Edited by Linda Mccarthy and Denise Weldon-Siviy
    Compliments of Edited by Linda McCarthy and Denise Weldon-Siviy page press Smart Books for Smart People® The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. All trademarks are the property of their respective owners. Publisher: Linda McCarthy Editor in Chief: Denise Weldon-Siviy Managing Editor: Linda McCarthy Cover designer: Alan Clements Cover artist: Nina Matsumoto Interior artist: Heather Dixon Web design: Eric Tindall and Ngenworks Indexer: Joy Dean Lee Interior design and composition: Kim Scott, Bumpy Design Content distribution: Keith Watson The publisher offers printed discounts on this book when ordered in quantity for bulk purchases, or special sales, which may include electronic versions and/or custom covers and content particular to your business, training, goals, marketing focus, and branding interests. For more information, please contact: U.S. Corporate and Education Sales (510) 220-8865 Except where otherwise noted, content in this publication is licensed under the Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License, available at http://creativecommons.org/licenses/by-sa/3.0/us/legalcode. ISBN 978-0-615-37366-9 Library of Congress Cataloging-in-publication Data McCarthy, Linda Own your space : keep yourself and your stuff safe online / Linda McCarthy. ISBN 978-0-615-37366-9 (electronic) 1. Computer security. 2. Computers and children.
    [Show full text]
  • Hacker, Hoaxer, Whistleblower, Spy: the Story of Anonymous
    hacker, hoaxer, whistleblower, spy hacker, hoaxer, whistleblower, spy the many faces of anonymous Gabriella Coleman London • New York First published by Verso 2014 © Gabriella Coleman 2014 The partial or total reproduction of this publication, in electronic form or otherwise, is consented to for noncommercial purposes, provided that the original copyright notice and this notice are included and the publisher and the source are clearly acknowledged. Any reproduction or use of all or a portion of this publication in exchange for financial consideration of any kind is prohibited without permission in writing from the publisher. The moral rights of the author have been asserted 1 3 5 7 9 10 8 6 4 2 Verso UK: 6 Meard Street, London W1F 0EG US: 20 Jay Street, Suite 1010, Brooklyn, NY 11201 www.versobooks.com Verso is the imprint of New Left Books ISBN-13: 978-1-78168-583-9 eISBN-13: 978-1-78168-584-6 (US) eISBN-13: 978-1-78168-689-8 (UK) British Library Cataloguing in Publication Data A catalogue record for this book is available from the British library Library of Congress Cataloging-in-Publication Data A catalog record for this book is available from the library of congress Typeset in Sabon by MJ & N Gavan, Truro, Cornwall Printed in the US by Maple Press Printed and bound in the UK by CPI Group Ltd, Croydon, CR0 4YY I dedicate this book to the legions behind Anonymous— those who have donned the mask in the past, those who still dare to take a stand today, and those who will surely rise again in the future.
    [Show full text]
  • Twenty Years Before the Mouse
    Twenty years before the mouse. Aryeh Goretsky Distinguished Researcher Table of Contents Introduction 3 Fiat Lux 4 Brain Damage: Rootkits 1980s-Style 4 On-the-Job Training 5 Ransomware: Then and Now 5 War of the Parasites 6 Writing Viruses for Fun and Profit 9 Somebody Set Us Up the Bomb 11 Profits of Doom 12 This Way to the Egress 16 Acknowledgements 17 Sources 18 Title note: With apologies to author Charles Erskine’s “Twenty Years Before the Mast: With the more thrilling scenes and incidents while circumnavigating the globe under the command of the late Admiral Charles Wilkes 1838-1842.” Boston (privately printed), 1890. 2 Twenty years before the mouse Introduction For the past several years, I have been deep in the dark bowels of ESET, LLC’s Research Department—as the department’s Special Projects Manager, working on tasks that are vital at antivirus companies but generally go unnoticed by the public, testing things, making things, aggregating data from disparate sources, providing commentary and analysis and all the other myriad tasks one has to perform as a manager. One such regular responsibility is drafting new research topics alongside security expert Jeff Debrosse, the head of Research at ESET. Jeff is no stranger to visitors of ESET, LLC’s blog or readers of its white papers. He has written many of both and has been involved in the creation of others to varying extents. But as Senior Director, he is not just a frequent author or speaker but responsible for the operation of the department as well. And that means occasionally getting one of us to write a white paper.
    [Show full text]
  • Computer Viruses a Global Persp Ective
    In Proceedings of the th Virus Bulletin International Conference Boston September Virus Bulletin Ltd Abingdon England pp Computer Viruses A Global Persp ective Steve R White Jerey O Kephart and David M Chess High Integrity Computing Lab oratory IBM Thomas J Watson Research Center PO Box Yorktown Heights NY Intro duction Technical accounts of computer viruses usually fo cus on the microscopic details of individual viruses their structure their function the typ e of host programs they infect etc The media tends to fo cus on the so cial implications of isolated scares Such views of the virus problem are useful but limited in scop e One of the missions of IBMs High Integrity Computing Lab oratory is to understand the virus problem from a global p ersp ective and to apply that knowledge to the development of antivirus technology and measures We have employed two complementary approaches observational and theoretical virus epidemiology Observation of a large sample p opulation for six years has given us a go o d understanding of many asp ects of virus prevalence and virus trends while our theoretical work has b olstered this understanding by suggesting some of the mechanisms that govern the b ehavior that we have observed In this pap er we review some of the main ndings of our previous work In brief we show that while thousands of DOS viruses exist to day less than of these have actually b een seen in real virus incidents Viruses do not tend to spread wildly Rather it takes months or years for a virus to b ecome widespread and
    [Show full text]
  • Class -VII Super Computer Exercise Corner Specimen Copy Year- 2020-21
    s Class -VII Super Computer Exercise Corner Specimen Copy Year- 2020-21 Page 1 CH-9 Computer Security Focus of the chapter 1. Computer Virus 2. Symptoms of virus 3. Types of virus 4. Other harmful programs 5. Antivirus software Keywords Virus – a program designed to perform undesired and malicious actions. Spam –Unsolicited and unwanted email Trojan Horse – a harmful program that damages the computer once it runs. Quarantining – isolation of a file by antivirus software Checkpoint Fill in the blanks. 1. The term Malware is formed by the combination of the words – malicious and software. 2. A virus can infect the files in your computer. 3. Elk Cloner, Brain, Disk killer and stoned virus are types of boot sector viruses. 4. A file infector virus infects program and executable files. 5. Spam refers to unsolicited and unwanted email. 6. Elkern, Marburg, Satan Bug and Tuareg are examples of Polymorphic viruses Page 2 Checkpoint A. Match the columns. 1 Trojan Horse a runs in the background of another file. 2 Worm b An Advertising Supported software 3 Backdoor virus c Although safe, but damages the system once it runs 4 Spyware d Can multiply itself over a network 5 Adware e Collects information about the Internet surfing habits of the user Ans. 1 – c 2 – d 3 – a 4 – e 5 - b B. Fill in the blanks. 1. Quarantining a file is the first action performed by an antivirus software. 2. In repairing method, the antivirus removes the virus code and repairs the file. 3. Repairing a file is the best method to remove a virus code and restore the file to its original form.
    [Show full text]