0


 Virus:
 It is an application that self replicates by
injecting its code into other data files.
 It spreads and attem...

 IRC
 ICQ
 Email Attachments
 Physical Access
 Browser & email Software
Bugs
 Advertisements
 NetBIOS
 Fake Prog...

 Your computer can be infected even if files are just
copied
 Can be memory or non-memory resident
 Can be a stealth ...

In this phase virus
developers decide
- When to Infect program
- Which programs to infect
 Some viruses infect the computer as soon as virus
file installed in computer.
 Some viruses infect computer at specific...

In this phase Virus will:
- Delete files.
- Replicate itself to another PCs.
- Corrupt targets only

3.
5.
2.
1.
4.
6.

 Macro Virus –
 Spreads & Infects database files.
 File Virus –
 Infects Executables.
 Source Code Virus –
 Affect...

 Boot Virus –
 Infects boot sectors & records.
 Shell Virus –
 Virus Code forms shell around target host’s genuine p...

 Same “last Modified” Date.
 Overwriting Unused areas of the .exe
files.
 Killing tasks of Antivirus Software
 Avoid...

 Same “last Modified” Date.
 In order to avoid detection by users, some
viruses employ different kinds of
deception.
...

 Bait files (or goat files) are files that are
specially created by anti-virus
software, or by anti-virus professionals...
Upcoming SlideShare
Loading in...5
×

Virus and worms analysis

613

Published on

Its an intro type about the virus & what it does

Published in: Design, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
613
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
71
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Virus and worms analysis"

  1. 1. 
  2. 2.   Virus:  It is an application that self replicates by injecting its code into other data files.  It spreads and attempts to consume specific targets and are normally executables.  Worm:  It copies itself over a network.  It is a program that views the infection point as another computer rather than as other executables files
  3. 3.   IRC  ICQ  Email Attachments  Physical Access  Browser & email Software Bugs  Advertisements  NetBIOS  Fake Programs Fake Programs  Untrusted Sites & freeware Software
  4. 4.   Your computer can be infected even if files are just copied  Can be memory or non-memory resident  Can be a stealth virus  Viruses can carry other viruses  Can make the system never show outward signs  Can stay on the computer even if the computer is formatted.
  5. 5.  In this phase virus developers decide - When to Infect program - Which programs to infect
  6. 6.  Some viruses infect the computer as soon as virus file installed in computer.  Some viruses infect computer at specific date, time or particular event.  TSR viruses loaded into memory & later infect the PCs. Continued…..
  7. 7.  In this phase Virus will: - Delete files. - Replicate itself to another PCs. - Corrupt targets only
  8. 8.  3. 5. 2. 1. 4. 6.
  9. 9.   Macro Virus –  Spreads & Infects database files.  File Virus –  Infects Executables.  Source Code Virus –  Affects & Damage source code.  Network Virus –  Spreads via network elements & protocols.
  10. 10.   Boot Virus –  Infects boot sectors & records.  Shell Virus –  Virus Code forms shell around target host’s genuine program & host it as sub routine.  Terminate & Stay Resident Virus –  Remains permanently in the memory during the work session even after target host is executed & terminated. Continued…..
  11. 11.   Same “last Modified” Date.  Overwriting Unused areas of the .exe files.  Killing tasks of Antivirus Software  Avoiding Bait files & other undesirable hosts  Making stealth virus  Self Modification on each Infection  Encryption with variable key.  Polymorphic code Polymorphic code
  12. 12.   Same “last Modified” Date.  In order to avoid detection by users, some viruses employ different kinds of deception.  Some old viruses, especially on the MS- DOS platform, make sure that the "last modified" date of a host file stays the same when the file is infected by the virus.  This approach sometimes fool anti-virus s/w
  13. 13.   Bait files (or goat files) are files that are specially created by anti-virus software, or by anti-virus professionals themselves, to be infected by a virus.  Many anti-virus programs perform an integrity check of their own code.  Infecting such programs will therefore increase the likelihood that the virus is detected.  Anti-virus professionals can use bait files to take a sample of a virus
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×