Virus and worms analysis

935 views

Published on

Its an intro type about the virus & what it does

Published in: Design, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
935
On SlideShare
0
From Embeds
0
Number of Embeds
7
Actions
Shares
0
Downloads
79
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Virus and worms analysis

  1. 1. 
  2. 2.   Virus:  It is an application that self replicates by injecting its code into other data files.  It spreads and attempts to consume specific targets and are normally executables.  Worm:  It copies itself over a network.  It is a program that views the infection point as another computer rather than as other executables files
  3. 3.   IRC  ICQ  Email Attachments  Physical Access  Browser & email Software Bugs  Advertisements  NetBIOS  Fake Programs Fake Programs  Untrusted Sites & freeware Software
  4. 4.   Your computer can be infected even if files are just copied  Can be memory or non-memory resident  Can be a stealth virus  Viruses can carry other viruses  Can make the system never show outward signs  Can stay on the computer even if the computer is formatted.
  5. 5.  In this phase virus developers decide - When to Infect program - Which programs to infect
  6. 6.  Some viruses infect the computer as soon as virus file installed in computer.  Some viruses infect computer at specific date, time or particular event.  TSR viruses loaded into memory & later infect the PCs. Continued…..
  7. 7.  In this phase Virus will: - Delete files. - Replicate itself to another PCs. - Corrupt targets only
  8. 8.  3. 5. 2. 1. 4. 6.
  9. 9.   Macro Virus –  Spreads & Infects database files.  File Virus –  Infects Executables.  Source Code Virus –  Affects & Damage source code.  Network Virus –  Spreads via network elements & protocols.
  10. 10.   Boot Virus –  Infects boot sectors & records.  Shell Virus –  Virus Code forms shell around target host’s genuine program & host it as sub routine.  Terminate & Stay Resident Virus –  Remains permanently in the memory during the work session even after target host is executed & terminated. Continued…..
  11. 11.   Same “last Modified” Date.  Overwriting Unused areas of the .exe files.  Killing tasks of Antivirus Software  Avoiding Bait files & other undesirable hosts  Making stealth virus  Self Modification on each Infection  Encryption with variable key.  Polymorphic code Polymorphic code
  12. 12.   Same “last Modified” Date.  In order to avoid detection by users, some viruses employ different kinds of deception.  Some old viruses, especially on the MS- DOS platform, make sure that the "last modified" date of a host file stays the same when the file is infected by the virus.  This approach sometimes fool anti-virus s/w
  13. 13.   Bait files (or goat files) are files that are specially created by anti-virus software, or by anti-virus professionals themselves, to be infected by a virus.  Many anti-virus programs perform an integrity check of their own code.  Infecting such programs will therefore increase the likelihood that the virus is detected.  Anti-virus professionals can use bait files to take a sample of a virus

×