Evolution of Computer Viruses and Antivirus Software
1. Information & Communication
Technology (ICT)
Computer-aided design (CAD)
&
Computer Aided Manufacturing (CAM)
DIT Part 1
Lecture 19
Copyrights By Tanveer Malik
2. Computer Virus
• A computer virus is a computer program that
can copy itself and infect a computer without
the permission or knowledge of the owner.
• One of the first detected virus was the
Creeper virus in the early 70’s
• Before computer networks became
widespread, most viruses spread on
removable media, particularly floppy disk.
Copyrights By Tanveer Malik
3. Computer Virus
• A virus is a small piece of software that
piggybacks on real programs in order to get
executed
• Once it’s running, it spreads by inserting
copies of itself into other executable code or
documents
Copyrights By Tanveer Malik
4. Basic Computer Viruses
• Trojan Horses
– appears as interesting program file but when installed it
allows intruders to access and read your files
• Worms
– virus that copies and multiplies itself by using computer
networks and security flaws
• E-mail Viruses
– use e-mail messages to spread which allow it to
automatically forward itself to thousands
of people
Copyrights By Tanveer Malik
5. Types of Viruses
• Boot Sector Virus
– Infects the boot or MBR of diskettes and hard drives through the
sharing of infected disks and pirated software applications
– Once your hard drive is infected all diskettes that you use in your
computer will be infected
• Program Virus
– Becomes active when the program file (usually with extensions .BIN,
.COM, .EXE, .OVL, .DRV) carrying the virus is opened
– It then makes copies of itself and will infect other programs on the
computer
• Multipartite Virus
– Hybrid of a Boot Sector and Program viruses
– It infects program files and when the infected program is active it will
affect the boot record
Copyrights By Tanveer Malik
6. Types of Viruses
• Stealth Virus
– Disguises itself to prevent from being detected by antivirus software
– It alters its file size or conceals itself in memory
• Polymorphic Virus
– Act like a chameleon, changing its virus signature (binary pattern)
every time it multiples and infects a new file
• Macro Virus
– Programmed as a macro embedded in a document, usually found in
Microsoft Word and Excel
– Once it gets in to your computer, every document you produce will
become infected
– Relatively new type of virus and may slip by your antivirus software if
you don't have the most recent version installed
Copyrights By Tanveer Malik
7. Signs Your Computer is Infected
• Functions slower than normal
• Responds slowly and freezes
often
• Restarts itself often
• See uncommon error messages,
distorted menus, and dialog boxes
• Notice applications fail to work correctly
• Fail to print correctly
Copyrights By Tanveer Malik
8. Total Number of Viruses By Bear
January 1985 1
January 1985 1
January 1987 3
January 1989 6
January 1990 142
January 1991 357
January 1992 1,161
January 1993 2,482
January 1994 3,687
January 1995 5,626
January 1996 7,764
January 1997 11,037
January 1998 16,726
January 1999 40,850
January 2000 44,000
January 2001 48,000
January 2002 55,000
January 2003 62,000
Copyrights By Tanveer Malik
9. Melissa
• Another virus that fired up the media was Melissa, a Word
macro virus.
• When people received the host Word document via email
and opened it, the virus sent a copy of itself to the first 50
people in the victim's address book.
• Named after a topless dancer in Florida, the Melissa virus
crashed the email servers of corporations and governments
in different spots around the world.
• The Computer Emergency Response Team, set up after
Robert Morris mucked up the Internet with his worm in
1988, estimated that the virus hit 100,000 computers in its
first weekend.
• David L. Smith posted the infected file to an alt.sex usenet
group using a stolen AOL account. Initially he entered a
plea of innocence, but after being confronted with a
maximum sentence of 40 years in prison, he eventually
pled guilty and received a much-reduced sentence.
Copyrights By Tanveer Malik
10. Love You, Love Bug
• By almost any measure, the so-called Love Bug
was the most damaging and costly virus ever.
• We don't know who comes up with these whack
figures, but according to Reuters the bug cost the
world $15 billion in lost productivity.
The Love Bug spread far faster than Melissa.
• Unlike Melissa, it would mail itself to everyone in
your Outlook address book -- most of whom
would probably be delighted to read about how
you love them -- not just the first fifty.
• Moreover, it would gobble up certain media files
stored on your hard drive.
Copyrights By Tanveer Malik
11. Did you know
• One German newspaper
tragically lost 2,000 pictures
from its archive.
• The perpetrator turned out to
be a 23-year-old Filipino
computer science student who
more or less plagiarized all of his
code.
• The lack of laws in the
Philippines covering computer
crimes, he pretty much got away
with his crime.
Copyrights By Tanveer Malik
12. Prevention
• Upload and use antivirus
software
• Be aware of the e-mails and
attachments you open
• Check for updates on antivirus
software regularly
• Make sure antivirus software
is installed correctly
Copyrights By Tanveer Malik
14. Computer Antivirus
• Antivirus or anti-virus software (often
abbreviated as AV), sometimes known as anti-
malware software, is computer software used
to prevent, detect and remove malicious
software.
• Antivirus software was originally developed to
detect and remove computer viruses, hence
the name.
Copyrights By Tanveer Malik
15. Computer Antivirus
• Anti-Virus Software are computer programs
that attempt to identify, neutralize or
eliminate malicious software.
• Most modern antivirus software is now
designed to combat a wide range of threats,
including worms, rootkits, Trojans, often
described collectively as malware.
Copyrights By Tanveer Malik
16. APPROACHES TO DETECT VIRUSES
1. THE SIGNATUREAPPROACH:
• Just like the police traces patterns in crimes
back to a criminal ,software engineers can
reverse engineer a virus to find the signature it
leaves.
• This signature is added to the database so that
when buster performs a virus scan, each file is
scanned for matches with any virus’ signature
Copyrights By Tanveer Malik
17. 2.THE SANDBOX APPROACH:
• A ‘sandbox is an advanced program that
emulates an OS.
• A suspect executable file is run within the
confines of a sandbox and then the sandbox is
examined to see what changes were made.
APPROACHES TO DETECT VIRUSES
Copyrights By Tanveer Malik
18. 3.THE HEURISTIC APPROACH:
• This analyses a program for ‘seemingly’
malicious behavior ,heuristics is effective
against undocumented viruses .
• The buster of the future might eliminate the
need for continual monitoring of new viruses..
APPROACHES TO DETECT VIRUSES
Copyrights By Tanveer Malik
19. Manual Prevention from Viruses
• Delete your browsing history, temporary internet files, internet
cookies before exiting .
• Always remember to scan any removable hardware using anti-
virus software before accessing it. Removable hardware
includes Floppy Disks, CD, USB Drive.
• Scan your computer every week using anti-virus software like
Norton, McAfee for prevention against malware
• Update your anti-virus for new and latest virus definitions.
• Create a system restore point before installing any software or
freeware.
Copyrights By Tanveer Malik