For any query mail to or BITS Pilani Lecture # 1.

Slides:

Advertisements

Similar presentations

Higher Computing Computer Systems S. McCrossan Higher Grade Computing Studies 8. Supporting Software 1 Software Compatibility Whether you are doing a fresh.

Advertisements

Thank you to IT Training at Indiana University Computer Malware.

September,2012 Managing Files and Folders 4/23/2015 Compiled By:- Solomon W. Demissie 1.

Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.

Lecturer: Fadwa Tlaelan

Unit 18 Data Security 1.

Computer Viruses.

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Computer Viruses (and other “Malicious Programs) Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Created by Dragon Lee May Computer Virus What is computer virus? Computer virus refers to a program which damages computer systems and/or destroys.

By Hassan Abu daqen & montaser elsabe3 & Nidal Abu saif.

Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden

Video Following is a video of what can happen if you don’t update your security settings! security.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Computer Viruses Preetha Annamalai Niranjan Potnis.

Lecture 8: Files and Viruses Tonga Institute of Higher Education IT 141: Information Systems.

The Utility Programs: The system programs which perform the general system support and maintenance tasks are known as utility programs. Tasks performed.

Understanding and Troubleshooting Your PC. Chapter 12: Maintenance and Troubleshooting Fundamentals2 Chapter Objectives  In this chapter, you will learn:

The Code of Life: A Look at Emerging Artificial Life The Virus AGCGTGGCAGC ATCCTACGACT GCACGATCCTC GATCGACGTGA CGTGACGTAGC GGGACTCGATC

D. Beecroft Fremont High School VIRUSES.

Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.

A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.

CHAPTER 14 Viruses, Trojan Horses and Worms. INTRODUCTION Viruses, Trojan Horses and worm are malicious programs that can cause damage to information.

1 Higher Computing Topic 8: Supporting Software Updated

1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.

CSCE 522 Lecture 12 Program Security Malicious Code.

10/11/2015 Computer virus By Al-janabi Rana J 1. 10/11/2015 A computer virus is a computer program that can copy itself and infect a computer without.

Viruses, Trojans and Worms The commonest computer threats are viruses. Virus A virus is a computer program which changes the way in which the computer.

Computer viruses are small software programs that are made to spread from one computer to another and to interfere with computer operations. There are.

Everything you wanted to know about Computer Viruses.

Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.

For more notes and topics visit: eITnotes.com.

Name: Perpetual Ifeanyi Onyia Topic: Virus, Worms, & Trojan Horses.

What is computer virus? Computer virus refers to a program which damages computer systems and/or destroys or erases data files.

30.1 Lecture 30 Security II Based on Silberschatz & Galvin’s slides And Stallings’ slides.

CIS 442: Chapter 2 Viruses. Malewares Maleware classifications and types Viruses Logical and time bombs Trojan horses and backdoors Worms Spam Spyware.

Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 25 – Virus Detection and Prevention.

Computer Viruses and Worms By: Monika Gupta Monika Gupta.

Computer Systems Security Part I ET4085 Keamanan Jaringan Telekomunikasi Tutun Juhana School of Electrical Engineering and Informatics Institut Teknologi.

Malicious Logic and Defenses. Malicious Logic Trojan Horse – A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented.

Submitted By :- Neeraj Kumar Singh Branch :Electronics&communication Topic : computer Viruses Submitted to :- Ms. Veena Gupta.

n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.

Chapter 19 – Malicious Software What is the concept of defense: The parrying of a blow. What is its characteristic feature: Awaiting the blow. —On War,

Computer Systems Viruses. Virus A virus is a program which can destroy or cause damage to data stored on a computer. It’s a program that must be run in.

 Stealth viruses Use certain techniques to avoid detection.  Macro Viruses Infects the macros within a document or template.  Polymorphic viruses Encrypt.

Computer virus Speaker : 蔡尚倫.  Introduction  Infection target  Infection techniques Outline.

Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.

14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Protection.

W elcome to our Presentation. Presentation Topic Virus.

1 Computer Virus and Antivirus A presentation by Sumon chakreborty Roll no-91/CSE/ Reg.no of

MALICIOUS SOFTWARE Rishu sihotra TE Computer

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Malicious Programs (1) Viruses have the ability to replicate themselves Other Malicious programs may be installed by hand on a single machine. They may.

DEVICE MANAGEMENT AND SECURITY NTM 1700/1702. LEARNING OUTCOMES 1. Students will manipulate multiple platforms and troubleshoot problems when they arise.

COMPUTER VIRUSES ….! Presented by: BSCS-I Maheen Zofishan Saba Naz Numan Sheikh Javaria Munawar Aisha Fatima.

COMPUTER VIRUSES Computer Technology. What is a Computer Virus? A kind of A kind of Malicious software written intentionallyMalicious software written.

Detected by, M.Nitin kumar ( ) Sagar kumar sahu ( )

Antivirus Software Technology By Mitchell Zell. Intro  Computers are vulnerable to attack  Most common type of attack is Malware  Short for malicious.

VIRUSES & ANTI- VIRU-SES. WHAT IS A COMPUTER VIRUS? A computer virus is a small software program that spreads from one computer to another computer and.

COMPUTER VIRUSES Computer Technology.

computer virus infection & symptoms

Computer Technology Notes 5

Viruses, Malicious Code, & Other Nasty Stuff

Chap 10 Malicious Software.

UNIT 18 Data Security 1.

Chap 10 Malicious Software.

Presentation transcript:

For any query mail to or BITS Pilani Lecture # 1

For any query mail to or Agenda  What is a Computer Virus?  Similar Terms – Trapdoor or Backdoor, Logic Bomb, Rabbit, Trojan Horse, Trojan Mule, Spyware, Adware, Worm, Malware  Classes of Virus  Functional Elements of Virus

For any query mail to or And God blessed them, saying "Be fruitful and multiply”

For any query mail to or What is a Computer Virus? A self-replicating piece of executable computer code embedded within a host program.

For any query mail to or  Trapdoor or Backdoor : Secret undocumented entry point into a program used to grant access without normal methods of access authentication.  Logic Bomb : A computer program that is triggered under certain conditions specific to the requirements set forth by the programmer of the logic bomb.  Rabbit : A program that consumes system resources by replicating itself. Similar Terms

For any query mail to or  Trojan Horse : An apparently useful program containing functions not intended by user or advertised in standard behavior.  Trojan Mule : A program which emulates some aspect of the system’s standard behavior such as login prompt with a view of collecting system passwords.  Spyware : A program that relays private information to distant computer. Similar Terms Contd..

For any query mail to or  Adware : Delivers advertising to user.  Worm : Independent program which replicates itself and send s copies from computer to computer across network connection.  Malware : MALicious softWARE. Similar Terms Contd..

For any query mail to or Classification of Virus What they infect?How they infect? System Sector VirusPolymorphic Virus File Virus Fast and Slow Infector Macro Virus Sparse Infectors Companion Virus Armored Virus Cluster Virus Multipartite Virus Script Virus Stealth Virus Application Specific VirusCavity (Spacefiller) Virus Tunneling Virus Camouflage Virus NTFS ADS Virus

For any query mail to or Classification of Virus : What they infect  System Sector Virus : Infects floppy disk boot records or master boot records in hard disks & replaces the boot record program (which is responsible for loading the operating system in memory) copying it elsewhere on the disk or overwriting it & thus takes control over the system.  File Virus : Infects executable program files, such as those with extensions like.BIN,.COM,.EXE,.OVL,.DRV (driver) and.SYS (device driver). These programs are loaded in memory during execution, taking the virus with them. The virus becomes active in memory, making copies of itself and infecting files on disk.

For any query mail to or Classification of Virus : What they infect  Macro Virus : Infects the macros within a document or template. When word processing or spreadsheet document is opened, macro virus is activated and it infects the Normal template (Normal.dot) - a general purpose file that stores default document formatting settings. Every document opened refers to the Normal template, and hence gets infected with the macro virus. Since this virus attaches itself to documents, the infection can spread if such documents are opened on other computers.  Companion Virus : Locates files with names ending in EXE and creates a matching file name ending in COM that contains the viral code.

For any query mail to or Classification of Virus : What they infect  Cluster Virus : Infects files by changing the DOS directory information so that directory entries point to the virus code instead of the actual program. When program is run, DOS first loads and executes the virus code, the virus then locates the actual program and executes it.  Script Virus : Written in a variety of scripting languages (VBS, JavaScript, BAT, PHP etc.). They either infect other scripts e.g. Windows or Linux command and service files, or form a part of multi-component viruses. Script viruses are able to infect other file formats, such as HTML, if the file format allows the execution of scripts.

For any query mail to or Classification of Virus : What they infect  Application-Specific Virus : Attaches itself to a specific file, rather than attacking any file of a given type. Makes use of a detailed knowledge of the files they attack to hide better than would be possible if they were able to infiltrate just any file. For example, they might hide in a data area inside the program rather than lengthening the file. However, in order to do that, the virus must know where the data area is located in the program, and that differs from program to program.

For any query mail to or  Polymorphic Virus : Changes their characteristics as they infect, each copy of the virus looks different than the other copies.  Fast infector : Infects programs not just when they are run, but also when they are simply accessed. The purpose of this type of infection is to ride on the back of anti-virus software to infect files as they are being checked.  Slow infector : Infects files when they are created or modified. Because the user knows the file is being changed, they will be less likely to suspect the changes also represent an infection. Classification of Virus : How they infect

For any query mail to or Classification of Virus : How they infect  Sparse Infectors : To avoid detection don’t infect always. For e.g. a virus can infect every 20 th time a file is executed.  Armored Virus : Overlaps other classes of viruses and thus makes disassembly difficult.  Multipartite Virus : A hybrid of Boot and Program viruses. They infect program files and when the infected program is executed, these viruses infect the boot record. When you boot the computer next time the virus from the boot record loads in memory and then starts infecting other program files on disk.

For any query mail to or Classification of Virus : How they infect  Stealth Virus : Uses certain techniques to avoid detection. They may either redirect the disk head to read another sector instead of the one in which they reside or they may alter the reading of the infected file’s size shown in the directory listing. For instance, the Whale virus adds 9216 bytes to an infected file; then the virus subtracts the same number of bytes (9216) from the size given in the directory.  Cavity (Spacefiller) Virus : Attempts to install itself in this empty space of program while not damaging the actual program itself. An advantage of this is that the virus then does not increase the length of the program and can avoid the need for some stealth techniques.

For any query mail to or Classification of Virus : How they infect  Tunneling Virus : Attempts to bypass activity monitor anti-virus programs by following the interrupt chain back down to the basic DOS or BIOS interrupt handlers and then installing itself.  Camouflage Virus : Camouflages itself to look like something the scanner was programmed to ignore.  NTFS ADS Virus : Exploit the Alternate Data Streams of NTFS file system.

For any query mail to or Functional Elements of Virus  Search Routine : Locates new files or new areas on disk which are worthwhile targets for infection. Determines how well the virus reproduces.  Copy Routine : Copies virus into the area which the search routine locates.  Anti Detection Routine : Tries to save the virus from being detected.

For any query mail to or Functional Elements of Virus

For any query mail to or Before We Wrap Up..  Disclaimer : NSF is not responsible to any damage caused by using any of the techniques explained in this presentation.