Computer Network Forensics Lecture - Virus © Joe Cleetus Concurrent Engineering Research Center, Lane Dept of Computer Science and Engineering, WVU.

Slides:



Advertisements
Similar presentations
M. Guymon - Pleasant Grove High - Spring 2003 VIRUSES Computer Technology Day 21.
Advertisements

Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,
 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
B.A. (Mahayana Studies) Introduction to Computer Science November March Safety and Security What are the main safety and security.
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Chapter 4: File Management, Virus Protection, and Backup
Viruses and Spyware. What is a Virus? A virus can be defined as a computer program that can reproduce by changing other programs to include a copy of.
R. Stewart Fayetteville High School VIRUSES Computer Technology Day 21.
INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.
Computer Viruses By Patsy Speer What is a Virus? Malicious programs that cause damage to your computer, files and information They slow down the internet.
Viruses & Destructive Programs
Computer Technology Part 5 Megan Rees ERMS 5/13.  Set of program instructions that attaches itself to a file, reproduces itself, and/or spreads to other.
Chapter Nine Maintaining a Computer Part III: Malware.
Data Security Unit F. Objectives Know What Can Go Wrong Explore Data Security Issues Introduce Computer Viruses Understand How viruses Spread Restrict.
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Video Following is a video of what can happen if you don’t update your security settings! security.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
Lecture 8: Files and Viruses Tonga Institute of Higher Education IT 141: Information Systems.
VIRUSES and DESTRUCTIVE PROGRAMS
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
Security Chapter 8 Objectives Societal impact of information and information technology –Explain the meaning of terms related to computer security and.
Understanding and Troubleshooting Your PC. Chapter 12: Maintenance and Troubleshooting Fundamentals2 Chapter Objectives  In this chapter, you will learn:
D. Beecroft Fremont High School VIRUSES.
Study of Computer Virus Worms Sampath Yerramalla 04/17/02.
Adapted from Computer Concepts, New Perspectives, Thompson Course Technology EDW 647: The Internet Dr. Roger Webster & Dr. Nazli Mollah EDW647: Internet.
Computer Viruses Standard A-4 (Safety Unit). Need to Know 1.Computer Crimes 2.Types of Computer Crimes 3.Computer Virus 4.Types of Infections 5.How computer.
A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.
CHAPTER 14 Viruses, Trojan Horses and Worms. INTRODUCTION Viruses, Trojan Horses and worm are malicious programs that can cause damage to information.
1 What is a computer virus? Computer program Replicating Problematic "Event" Types Detection and prevention.
RUNNING HEADER, 14 PT., ALL CAPS, Line Spacing=1 line Trend Micro Confidential 1 Virus/ Trojans/ Worms etc and some Common issues.
1 Higher Computing Topic 8: Supporting Software Updated
1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
Viruses, Trojans and Worms The commonest computer threats are viruses. Virus A virus is a computer program which changes the way in which the computer.
Computer viruses are small software programs that are made to spread from one computer to another and to interfere with computer operations. There are.
Compiled & Designed by : Presentation Point Idea by: SAAD(CEO Future IT) © 2011 Presentation Point Compiled By & Designed : Presentation Point(
Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.
VIRUSES Computer Technology M. Guymon Pleasant Grove High School Spring 2003 Modified by M. Corbett Lehi Junior High School Spring 2006.
信息处理技术 Technology of Information Processing 潘晟旻 Instructor: Pan Shengmin 潘晟旻 Computer Center. Kun Ming University of Science & Technology.
~Computer Virus~ The things you MUST know Brought to You By Sumanta Majumdar Dept. Of Electrical Engg. 2010,GNIT
COMPUTER VIRUS.
Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 25 – Virus Detection and Prevention.
Computer Viruses and Worms By: Monika Gupta Monika Gupta.
Priya Ranjan Kumar Dept. Of Computer Science Engg. 2012, RIT.
VIRUS.
n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.
Computer Systems Viruses. Virus A virus is a program which can destroy or cause damage to data stored on a computer. It’s a program that must be run in.
COMPUTER VIRUSES Computer Technology. Computer Virus Set of program instructions that attaches itself to a file, reproduces itself, and/or spreads to.
Virus. What is a virus ? A virus is a programme that is loaded onto your computer without your knowledge. Most viruses ‘infect’ other programmes by modifying.
W elcome to our Presentation. Presentation Topic Virus.
Types of Computer Malware. The first macro virus was written for Microsoft Word and was discovered in August Today, there are thousands of macro.
 Chances of contracting a Virus › Every time you download software › Every time you accept attachments.
VIRUSES AND SECURITY  In an information-driven world, individuals and organization must manage and protect against risks such as viruses, which are spread.
Computer virus Done: Aaesha Mohammed ID: H
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
Network Protection Against: Worms, Viruses, and Root Kits Ryan Del Vecchio Cosc. 352 October 1, 2008.
Virus Infections By: Lindsay Bowser. Introduction b What is a “virus”? b Brief history of viruses b Different types of infections b How they spread b.
COMPUTER VIRUSES Computer Technology. What is a Computer Virus? A kind of A kind of Malicious software written intentionallyMalicious software written.
SYSTEM SECURITY & ANTIVIRUS Chapter - 4 1Dr. BALAMURUGAN MUTHURAMAN.
VIRUSES & ANTI- VIRU-SES. WHAT IS A COMPUTER VIRUS? A computer virus is a small software program that spreads from one computer to another computer and.
COMPUTER VIRUSES Computer Technology.
File Management, Virus Protection, and Backup
Computer Technology Notes 5
VIRUSES and DESTRUCTIVE PROGRAMS
Computer Technology Day 21
Chap 10 Malicious Software.
Viruses.
Chap 10 Malicious Software.
Presentation transcript:

Computer Network Forensics Lecture - Virus © Joe Cleetus Concurrent Engineering Research Center, Lane Dept of Computer Science and Engineering, WVU

2 Viruses, Trojan Horses, and Worms: What’s the technical definition of a virus? A computer virus is a program that attaches itself to a file, reproduces itself, and spreads to other files A virus can perform a trigger event: –corrupt and/or destroy data –display an irritating message Key characteristic is their ability to “lurk” in a computer for days or months quietly replicating themselves

3 What’s the technical definition of a virus? File virus - a virus that attaches itself to an application program –Chernobyl - designed to lurk in computer until April 26 A boot sector virus infects the system files that your computer uses every time you turn it on –A macro virus infects a set of instructions called a “macro”. –Macro - a miniature program that usually contains legitimate instructions to automate document and worksheet production

4 How is a Trojan horse different from a virus? A modern day Trojan horse is a computer program that appears to perform one function while actually doing something else –Not a virus, but may carry a virus –Does not replicate itself Another type of Trojan horse looks like a log-in screen PictureNote.Trojan – arrives as named picture.exe and then tries to steal login and e- mail passwords

5 What’s a worm? A software worm is a program designed to enter a computer system through security holes –usually through a network –does not need to be attached to a document to reproduce “Love Bug” – arrives as attachment and overwrites most music, graphic, document, spreadsheet and web files on your disks Denial of Service attacks

6 How are viruses spread?

7 How are viruses spread? Viruses are spread through s as well Macro viruses are usually found in MS Word and MS Excel files (.doc and.xls) To keep safe, you can disable macros on files you do not trust

8 What are the symptoms of a virus? What are the symptoms of a virus? –Your computer displays a vulgar, embarrassing or annoying message –Your computer develops unusual visual or sound effects –You have difficulty saving files: files mysteriously disappear –Your computer reboots suddenly –Your computer works very slowly –Your executable files unaccountably increase in size –Your computer starts sending out lots of messages on its own

9 Antivirus Software: What’s antivirus software? Antivirus software is a set of utility programs that looks for and eradicates a wide spectrum of problems such as viruses, Trojan horses, and worms

10 How does antivirus software work? Hackers have created viruses that can insert themselves into unused portions of a program. To counterattack the work of hackers, antivirus software designers created software with a checksum - a number calculated by combining binary values of all bytes in a file –compares checksum each time you run a program

11 Page 189 How does antivirus software work? Antivirus software also checks for a virus signature – a unique series of bytes used to identify a known virus Write-protecting a floppy disk will not prevent virus infection because you need to remove write protection each time you save a file to disk

12 When should I use antivirus software? “All the time” Most antivirus software allows you to specify what to check and when to check it Norton Antivirus McAfee Antivirus

13 How often should I get an update? New viruses and variations of old viruses are unleashed just about everyday Check website of antivirus software publisher for periodic updates Some software updates itself automatically

14 How reliable is antivirus software? Antivirus software is pretty reliable, but viruses try to get around detection –Multi-partite viruses –Polymorphic viruses –Stealth viruses –Retro viruses Antivirus software is not 100% reliable, but protection is worth the risk

15 How do I recognize a hoax? Bogus virus message usually contain a long list of people in the To: and CC: boxes and have been forwarded to a lot of people List some “authority” Most recommend reformatting Fake viruses are often characterized as doing bizarre deeds You can validate the hoax by going to a reliable website that lists hoaxes and viruses

16 Chapter 4 Virus Hoaxes: What’s a virus hoax? Some viruses don’t really exists A virus hoax arrives as an message containing dire warnings about a supposedly new virus that is on the loose –Recommends a strategy –Recommends forwarding the –Says no one has a fix for it yet Most cases it is a fake

17 How do I recognize a hoax?

18 How can I protect myself? PRACTICE SAFE SURF! Step One: Purchase a good antivirus program like Norton AntiVirus or McAfee Viruscan.

19 How can I protect myself? Step Two: Update your virus definitions once a week! If you don’t, YOU AREN’T PROTECTED!

20 How can I protect myself? Step Three: Never double-click (or launch) ANY file, especially an attachment, regardless of who the file is from, until you first scan that file with your antivirus program. How did Melissa, Bubbleboy, and WormExploreZip come to infect so many computers? Simple! People ignored this step.

21 How can I protect myself? Step Four: Turn on macro virus protection in Microsoft Word, especially if you don’t know what macros are. To find out how, go to NetSquirrel.com and look in the Urban Legend Combat Kit.

22 Questions What is the: – I Love You Virus? – Sircam? – Code Red II? How can you protect yourself from it? What virus is current?

23 More References