Presentation on topic: Antivirus and Compression Tools
Submitted by: Arun Bhatt
Class: BBA part I
Roll No.: 05
Submitted to: Gohar Ahmed Sir
Contents:
Antivirus section: Introduction; History; Identification methods; Issues of concern
Compression tools: Introduction; How file compression works; Software used for compression
Antivirus or anti-virus software
It is used to prevent, detect, and remove malware, including but not limited to computer viruses, computer worms, Trojan horses, spyware and adware.
A variety of strategies are typically employed: signature-based detection involves searching for known patterns of data within executable code. However, it is possible for a computer to be infected with new malware for which no signature is yet known. To counter such so-called zero-day threats, heuristics can be used.
History
Most of the computer viruses written in the early and mid 1980s were limited to self-reproduction and had no specific damage routine built into the code. That changed when more and more programmers became acquainted with virus programming and created viruses that manipulated or even destroyed data on infected computers.
The first publicly recorded removal of a computer virus in the world was performed by Bernd Fix in 1987.
Fred Cohen, who published one of the first academic papers on computer viruses in 1984, began in 1988 to improve strategies for antivirus software that were picked up and continued by later antivirus software developers.
Identification methods:
There are several methods which antivirus software can use to identify malware.
Signature-based identification is the most common method. To identify viruses and other malware, antivirus software compares the contents of a file to a dictionary of virus signatures. Because viruses can embed themselves in existing files, the entire file is searched, not just as a whole, but also in pieces.
Heuristic-based detection, like malicious activity detection, can be used to identify unknown viruses.
File emulation is another heuristic approach. File emulation involves executing a program in a virtual environment and logging what actions the program performs.
Signature-based identification
Traditionally, antivirus software heavily relied upon signatures to identify malware. This can be very effective, but cannot defend against malware unless samples have already been obtained and signatures created. Because of this, signature-based approaches are not effective against new, unknown viruses.
Heuristics
While it may be advantageous to identify a specific virus, it can be quicker to detect a virus family through a generic signature or through an inexact match to an existing signature. Virus researchers find common areas that all viruses in a family share uniquely and can thus create a single generic signature. These signatures often contain non-contiguous code, using wildcard characters where differences lie. These wildcards allow the scanner to detect viruses even if they are padded with extra, meaningless code. A detection that uses this method is said to be "heuristic identification."
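The difference between an exact signature and a generic, wildcard signature, shown as an added example (not part of the original presentation). The signature names, the `??` and `{lo-hi}` wildcard syntax and the sample buffers are all constructed for illustration and do not correspond to any real malware or scanner format.

```python
import re

# Constructed, harmless demo signatures (hex bytes; ?? = any one byte,
# {lo-hi} = a run of lo..hi arbitrary padding bytes).
SIGNATURES = {
    "Demo.Exact": "44 45 4D 4F 2D 56 31",                      # b"DEMO-V1"
    "Demo.Family.gen": "44 45 4D 4F 2D 56 ?? {0-16} 50 41 59",  # b"DEMO-V?" .. b"PAY"
}

def compile_signature(pattern):
    """Translate a hex signature with wildcards into a compiled bytes regex."""
    parts = []
    for tok in pattern.split():
        if tok == "??":
            parts.append(b".")
        elif tok.startswith("{") and tok.endswith("}"):
            lo, hi = tok[1:-1].split("-")
            parts.append(b".{%d,%d}?" % (int(lo), int(hi)))
        else:
            parts.append(re.escape(bytes([int(tok, 16)])))
    return re.compile(b"".join(parts), re.DOTALL)

COMPILED = {name: compile_signature(sig) for name, sig in SIGNATURES.items()}

def scan(data):
    """Search the whole buffer; return (signature name, offset) for each hit."""
    hits = []
    for name, rx in COMPILED.items():
        m = rx.search(data)
        if m:
            hits.append((name, m.start()))
    return hits

# Constructed sample buffers standing in for file contents.
CLEAN = b"just an ordinary text file"
KNOWN = b"\x00\x01DEMO-V1PAY"
VARIANT = b"MZDEMO-V7" + b"\x90" * 5 + b"PAY"     # new version byte, padded
TOO_PADDED = b"DEMO-V7" + b"\x90" * 20 + b"PAY"   # padding exceeds the gap

if __name__ == "__main__":
    for label, buf in [("clean", CLEAN), ("known", KNOWN),
                       ("variant", VARIANT), ("too padded", TOO_PADDED)]:
        print(label, scan(buf))
```

The exact signature misses the variant, while the generic one catches it; the last buffer shows that a bounded gap still misses a sample padded beyond what the signature author allowed for.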
Issues of concern
System and interoperability related issues
Running multiple antivirus programs concurrently can degrade performance and create conflicts.
It is sometimes necessary to temporarily disable virus protection when installing major updates such as Windows Service Packs or updating graphics card drivers. Active antivirus protection may partially or completely prevent the installation of a major update.
New viruses
Anti-virus programs are not always effective against new viruses, even those that use non-signature-based methods that should detect new viruses. The reason for this is that the virus designers test their new viruses on the major anti-virus applications to make sure that they are not detected before releasing them into the wild.
Introduction to compression tools
• Compression, source coding or bit-rate reduction involves encoding information using fewer bits than the original representation would use.
• Compression programs or file compressors are the programs or utilities which are used for compression of files.
• Data compression is particularly useful in communications because it enables devices to transmit or store the same amount of data in fewer bits, thereby saving space on one's hard disk.
• Data compression is also widely used in backup utilities, spreadsheet applications, and database management systems. Certain types of data, such as bit-mapped graphics, can be compressed to a small fraction of their normal size.
• The most common examples of compression tools are WinRAR, WinZip and 7-Zip.
HOW FILE COMPRESSION WORKS
• File-compression programs simply get rid of the redundancy. Instead of listing a piece of information over and over again, a file-compression program lists that information once and then refers back to it whenever it appears in the original program.
• As an example, let's look at a type of information we're all familiar with: words. Consider the following line:
"Ask not what your country can do for you -- ask what you can do for your country."
The quote has 17 words, made up of 61 letters, 16 spaces, one dash and one period. If each letter, space or punctuation mark takes up one unit of memory, we get a total file size of 79 units. To get the file size down, we need to look for redundancies.
Immediately, we notice that:
"ask" appears two times, "what" appears two times, "your" appears two times,
"country" appears two times, "can" appears two times, "do" appears two times,
"for" appears two times, "you" appears two times.
Contd..
• Ignoring the difference between capital and lower-case letters, roughly half of the phrase is redundant. Nine words -- ask, not, what, your, country, can, do, for, you -- give us almost everything we need for the entire quote.
• To construct the second half of the phrase, we just point to the words in the first half and fill in the spaces and punctuation.
• The above example gives us a simple and basic idea about the working of file compressors.
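The word-dictionary idea from the quote above, as an added example (not part of the original presentation). It assumes a simplified scheme: words become references into a dictionary built on first use, case is ignored for lookup, and spaces and punctuation are stored as literals. Real archivers work on bytes rather than words.

```python
import re

QUOTE = ("Ask not what your country can do for you -- "
         "ask what you can do for your country.")

def compress(text):
    """Return (dictionary, tokens).

    A word becomes an (index, capitalised) reference into the dictionary;
    spaces, punctuation and oddly-cased words are kept as literal strings.
    """
    dictionary, index, tokens = [], {}, []
    for piece in re.findall(r"[A-Za-z]+|[^A-Za-z]+", text):
        key = piece.lower()
        if piece.isalpha() and piece in (key, key.capitalize()):
            if key not in index:            # first sighting: list it once
                index[key] = len(dictionary)
                dictionary.append(key)
            tokens.append((index[key], piece[0].isupper()))
        else:
            tokens.append(piece)            # literal, stored as-is
    return dictionary, tokens

def decompress(dictionary, tokens):
    """Rebuild the text by following each reference back to the dictionary."""
    out = []
    for tok in tokens:
        if isinstance(tok, str):
            out.append(tok)
        else:
            idx, capitalised = tok
            word = dictionary[idx]
            out.append(word.capitalize() if capitalised else word)
    return "".join(out)

def count_references(tokens):
    """Number of word references (as opposed to literals) in the token list."""
    return sum(1 for tok in tokens if not isinstance(tok, str))

if __name__ == "__main__":
    words, toks = compress(QUOTE)
    print(words)
    print(count_references(toks), "word references,", len(words), "dictionary entries")
    print(decompress(words, toks) == QUOTE)
```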
Commonly used compression tools
1. 7-Zip: 7-Zip is an open source file archiver. 7-Zip operates with the 7z archive format, but can read and write several other archive formats. The program can be used from a command line interface, graphical user interface, or with Microsoft Windows shell integration. 7-Zip began in 1999 and is actively developed by Igor Pavlov. By default, 7-Zip creates 7z format archives with a .7z file extension.
2. WinRAR: WinRAR is a shareware file archiver and data compression utility developed by Eugene Roshal, and first released in autumn of 1993. It is one of the few applications that is able to create RAR archives natively, because the encoding method is held to be proprietary.
3. WinZip: WinZip is a proprietary file archiver and compressor for Microsoft Windows and Mac OS X, developed by WinZip Computing (formerly Nico Mak Computing). It natively uses the PKZIP format but also has various levels of support for other archive formats. WinZip has a 45-day free evaluation period, after which the program would still work even if the user had not registered, albeit with reduced functionality.