• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Virus and worms analysis

Virus and worms analysis



Its an intro type about the virus & what it does

Its an intro type about the virus & what it does



Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Virus and worms analysis Virus and worms analysis Presentation Transcript

    •   Virus:  It is an application that self replicates by injecting its code into other data files.  It spreads and attempts to consume specific targets and are normally executables.  Worm:  It copies itself over a network.  It is a program that views the infection point as another computer rather than as other executables files
    •   IRC  ICQ  Email Attachments  Physical Access  Browser & email Software Bugs  Advertisements  NetBIOS  Fake Programs Fake Programs  Untrusted Sites & freeware Software
    •   Your computer can be infected even if files are just copied  Can be memory or non-memory resident  Can be a stealth virus  Viruses can carry other viruses  Can make the system never show outward signs  Can stay on the computer even if the computer is formatted.
    •  In this phase virus developers decide - When to Infect program - Which programs to infect
    •  Some viruses infect the computer as soon as virus file installed in computer.  Some viruses infect computer at specific date, time or particular event.  TSR viruses loaded into memory & later infect the PCs. Continued…..
    •  In this phase Virus will: - Delete files. - Replicate itself to another PCs. - Corrupt targets only
    •  3. 5. 2. 1. 4. 6.
    •   Macro Virus –  Spreads & Infects database files.  File Virus –  Infects Executables.  Source Code Virus –  Affects & Damage source code.  Network Virus –  Spreads via network elements & protocols.
    •   Boot Virus –  Infects boot sectors & records.  Shell Virus –  Virus Code forms shell around target host’s genuine program & host it as sub routine.  Terminate & Stay Resident Virus –  Remains permanently in the memory during the work session even after target host is executed & terminated. Continued…..
    •   Same “last Modified” Date.  Overwriting Unused areas of the .exe files.  Killing tasks of Antivirus Software  Avoiding Bait files & other undesirable hosts  Making stealth virus  Self Modification on each Infection  Encryption with variable key.  Polymorphic code Polymorphic code
    •   Same “last Modified” Date.  In order to avoid detection by users, some viruses employ different kinds of deception.  Some old viruses, especially on the MS- DOS platform, make sure that the "last modified" date of a host file stays the same when the file is infected by the virus.  This approach sometimes fool anti-virus s/w
    •   Bait files (or goat files) are files that are specially created by anti-virus software, or by anti-virus professionals themselves, to be infected by a virus.  Many anti-virus programs perform an integrity check of their own code.  Infecting such programs will therefore increase the likelihood that the virus is detected.  Anti-virus professionals can use bait files to take a sample of a virus