Computer viruses and worms
Download
1 / 23

Computer Viruses and Worms - PowerPoint PPT Presentation


Computer Viruses and Worms Dragan Lojpur Zhu Fang Definition of Virus A virus is a small piece of software that piggybacks on real programs in order to get executed Once it ’ s running, it spreads by inserting copies of itself into other executable code or documents Computer Virus Timeline

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Computer Viruses and Worms ' - betty_james


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Computer viruses and worms l.jpg

Computer Viruses and Worms

Dragan Lojpur

Zhu Fang


Definition of virus l.jpg
Definition of Virus

  • A virus is a small piece of software that piggybacks on real programs in order to get executed

  • Once it’s running, it spreads by inserting copies of itself into other executable code or documents


Computer virus timeline l.jpg
Computer Virus Timeline

  • 1949

    Theories for self-replicating programs are first developed.

  • 1981

    Apple Viruses 1, 2, and 3 are some of the first viruses “in the wild,” or in the public domain. Found on the Apple II operating system, the viruses spread through Texas A&M via pirated computer games.

  • 1983

    Fred Cohen, while working on his dissertation, formally defines a computer virus as “a computer program that can affect other computer programs by modifying them in such a way as to include a (possibly evolved) copy of itself.”

  • 1986

    Two programmers named Basit and Amjad replace the executable code in the boot sector of a floppy disk with their own code designed to infect each 360kb floppy accessed on any drive. Infected floppies had “© Brain” for a volume label.

  • 1987

    The Lehigh virus, one of the first file viruses, infects command.com files.

  • 1988

    One of the most common viruses, Jerusalem, is unleashed. Activated every Friday the 13th, the virus affects both .exe and .com files and deletes any programs run on that day.

    MacMag and the Scores virus cause the first major Macintosh outbreaks.


Worms l.jpg
Worms

  • Worm - is a self-replicating program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself.


History of worms l.jpg
History of Worms

  • The first worm to attract wide attention, the Morris worm, was written by Robert Tappan Morris, who at the time was a graduate student at Cornell University.

  • It was released on November 2, 1988

  • Morris himself was convicted under the US Computer Crime and Abuse Act and received three years probation, community service and a fine in excess of $10,000.

  • Xerox PARC


Worms6 l.jpg
Worms…

  • Worms – is a small piece of software that uses computer networks and security holes to replicate itself. A copy of the worm scans the network for another machine that has a specific security hole. It copies itself to the new machine using the security hole, and then starts replicating from there, as well.

  • They are often designed to exploit the file transmission capabilities found on many computers.


Zombies l.jpg
Zombies

  • Infected computers — mostly Windows machines — are now the major delivery method of spam.

  • Zombies have been used extensively to send e-mail spam; between 50% to 80% of all spam worldwide is now sent by zombie computers


Money flow l.jpg
Money flow

  • Pay per click



Typical things that some current personal computer pc viruses do10 l.jpg
Typical things that some current Personal Computer (PC) viruses do

  • Erase files

  • Scramble data on a hard disk

  • Cause erratic screen behavior

  • Halt the PC

  • Many viruses do nothing obvious at all except spread!

  • Display a message


Distributed denial of service l.jpg
Distributed Denial of Service viruses do

  • A denial-of-service attack is an attack that causes a loss of service to users, typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational resources of the victim system.


How it works l.jpg
How it works? viruses do

  • The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users.

  • Victim's IP address.

  • Victim's port number.

  • Attacking packet size.

  • Attacking interpacket delay.

  • Duration of attack.

  • MyDoom – SCO Group


Slide13 l.jpg
DDoS viruses do


Mydoom l.jpg
MyDoom viruses do

  • 26 January 2004: The Mydoom virus is first identified around 8am. Computer security companies report that Mydoom is responsible for approximately one in ten e-mail messages at this time. Slows overall internet performance by approximately ten percent and average web page load times by approximately fifty percent


Mydoom15 l.jpg
MyDoom… viruses do

  • 27 January: SCO Group offers a US $250,000 reward for information leading to the arrest of the worm's creator.

  • 1 February: An estimated one million computers around the world infected with Mydoom begin the virus's massive distributed denial of service attack—the largest such attack to date.

  • 2 February: The SCO Group moves its site to www.thescogroup.com.


Executable viruses l.jpg
Executable Viruses viruses do

  • Traditional Viruses

  • pieces of code attached to a legitimate program

  • run when the legitimate program gets executed

  • loads itself into memory and looks around to see if it can find any other programs on the disk


Boot sector viruses l.jpg
Boot Sector Viruses viruses do

  • Traditional Virus

  • infect the boot sector on floppy disks and hard disks

  • By putting its code in the boot sector, a virus can guarantee it gets executed

  • load itself into memory immediately, and it is able to run whenever the computer is on


Decline of traditional viruses l.jpg
Decline of traditional viruses viruses do

  • Reasons:

    • Huge size of today’s programs storing on a compact disk

    • Operating systmes now protect the boot sector


E mail viruses l.jpg
E-mail Viruses viruses do

  • Moves around in e-mail messages

  • Replicates itself by automatically mailing itself to dozens of people in the victim’s e-mail address book

  • Example: Melissa virus, ILOVEYOU virus


Melissa virus l.jpg
Melissa virus viruses do

  • March 1999

  • the Melissa virus was the fastest-spreading virus ever seen

  • Someone created the virus as a Word document uploaded to an Internet newsgroup

  • People who downloaded the document and opened it would trigger the virus

  • The virus would then send the document in an e-mail message to the first 50 people in the person's address book


Melissa virus21 l.jpg
Melissa virus viruses do

  • Took advantage of the programming language built into Microsoft Word called VBA (Visual Basic for Applications)


Prevention l.jpg
Prevention viruses do

  • Updates

  • Anti-Viruses

  • More secure operating systems

    e.g. UNIX


Reference l.jpg
Reference viruses do

  • http://mirror.aarnet.edu.au/pub/code-red/newframes-small-log.gif

  • http://www.factmonster.com/ipka/A0872842.htmlhttp://www.faqs.org/faqs/computer-virus/new-users/

  • http://www.mines.edu/academic/computer/viri-sysadmin.htm


ad
  • Login