Published by James Lang. Modified over 8 years ago.
1
ANTIVIRUS
Author: Somnath G. Kavalase, Junior Software Developer at PBWebvsion PVT.LTD.
2
What is Virus?
Sources of virus
Types of virus
What is Antivirus?
Antivirus Features
Virus Identification Methods
Signature Based Detection
Heuristic Based Detection
3
What is Virus?
We define a computer 'virus' as a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself.
Every program that gets infected may also act as a virus, and thus the infection grows.
Viruses mostly corrupt data and interfere with the performance of hardware and software.
4
Sources of virus?
Flash Drive
Floppy Disk
CD/DVD
Pirated Software
Internet/FTP
LAN/File Sharing
5
Types of Virus
Boot viruses
Program viruses
Multipartite viruses
Stealth viruses
Polymorphic viruses
Macro viruses
Active X viruses
Trojan / Trojan Horse – Back Orifice
Worm – Red Code
6
What is Antivirus?
Computer software used to prevent, detect and remove malicious computer viruses.
Most software described as antivirus also works against other types of malware, such as malicious Browser Helper Objects (BHOs), browser hijackers, ransomware, keyloggers, backdoors, rootkits, trojan horses, worms, malicious adware and spyware.
Examples of antivirus are Avast, BitDefender, AVG, Nod32, ZoneAlarm, and Kaspersky.
7
Features of Antivirus
Real time Scanner
On-access Scanner
On-Demand Scanner
Heuristic Scanner
Compressed File Scanner
Scheduled Scans
Script Blocking
POP3 Email Scanning
Webmail Protection
Instant Messaging Protection
Automatic Virus Updates
Automatic Program Updates
8
Virus Identification Methods
Signature Based Detection:
◦ Uses key aspects of an examined file to create a static fingerprint of known malware.
◦ To identify viruses and other malware, antivirus software compares the contents of a file to a dictionary of virus signatures.
◦ A signature is an algorithm or hash (a number derived from a string of text) that uniquely identifies a specific virus.
◦ Format:
0095C3A4|STONED.LESZOP.A
0086C7BE|STONED.MARCH6.A
9
Signature based Scan Working
Search Memory
Search File
Search Content Based
Icon Based
Registry Search
10
Database Design
To store the virus signatures, a collection of flat files can be used, with the attributes separated from each other by the pipeline "|" symbol.
Some examples are mentioned below:
5B110B72|DENZUK.E
5B0DE15C|PINGPONG.A
5BEB04FF|WIN95.TWINNY.16384 49
5B807327|WIN32.BOLZANO.3628
5B33914C|GENE.948
The first portion, before the '|' (pipeline), is the virus signature in CRC16 form, and the other portion is the virus code name.
11
Limitations:
A major limitation of signature-based detection is that, by itself, this method is unable to flag malicious files for which signatures have not yet been developed.
With this in mind, modern attackers frequently mutate their creations to retain malicious functionality while changing the file's signature.
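The flat-file signature lookup from the Database Design slide, and the limitation just described, as an added example that is not part of the original deck. The slide calls the first field CRC16, but its entries are 8 hex digits, so this example assumes CRC32 (zlib.crc32); the virus names come from the slides, and the file contents are constructed stand-ins, not real samples.

```python
import zlib
from typing import Dict, Optional

# Constructed stand-ins for file contents (assumption: not real malware bytes).
SAMPLE_A = b"constructed sample body A"
SAMPLE_B = b"constructed sample body B"


def crc_hex(data: bytes) -> str:
    """Whole-file checksum as 8 upper-case hex digits (assumption: CRC32)."""
    return f"{zlib.crc32(data) & 0xFFFFFFFF:08X}"


# Constructed signature database in the slide's <checksum>|<code name> format.
# The checksums are computed over the stand-in bytes above; the names are from the deck.
SIGNATURE_DB = "\n".join([
    f"{crc_hex(SAMPLE_A)}|DENZUK.E",
    f"{crc_hex(SAMPLE_B)}|PINGPONG.A",
    "",                 # blank line: skipped by the parser
    "not a record",     # malformed line: skipped, never crashes the scanner
])


def load_signatures(text: str) -> Dict[str, str]:
    """Parse the pipe-separated flat file into {checksum: virus code name}."""
    db: Dict[str, str] = {}
    for line in text.splitlines():
        parts = line.strip().split("|")
        if len(parts) != 2 or len(parts[0]) != 8:
            continue                      # wrong field count or checksum width
        checksum, name = parts
        try:
            int(checksum, 16)             # must be valid hex
        except ValueError:
            continue
        db[checksum.upper()] = name
    return db


def scan(data: bytes, db: Dict[str, str]) -> Optional[str]:
    """Signature match: the file's checksum must appear verbatim in the dictionary."""
    return db.get(crc_hex(data))


def flip_last_byte(data: bytes) -> bytes:
    """One-byte change, to show why a whole-file checksum misses any variant."""
    return data[:-1] + bytes([data[-1] ^ 0x01])
```

A scan over a variant that differs by a single byte returns no match, which is exactly the gap the slide describes: the dictionary only knows files it has already been fed.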
12
Heuristic Based Detection Method
A heuristic scan is used to detect new, unknown viruses in the system that have not yet been identified.
Heuristic analysis is an expert-based analysis that determines the susceptibility of a system to a particular threat/risk using various decision rules or weighing methods.
The heuristic method identifies a general signature rather than a specific signature for a particular virus.
13
Working of Heuristic based method
Virus detection is based on recognition of a signature or string of code which identifies a certain virus; for an unknown virus, a particular signature or recognized code does not yet exist. For this reason a heuristic scan is used.
Heuristic methods are based on the piece-by-piece examination of a virus, looking for a sequence or sequences of instructions that differentiate the virus from 'normal' programs.
14
Advantages and Limitations
The principal advantage of this method is the ability to detect known and unknown viruses, based on common characteristics shared by different viruses.
Yet heuristic scans have their share of inconveniences, such as the length of time the scan takes, which is longer than other types.
Also, depending on the data, an increased number of false positives can occur.
15
Conclusion
o Viruses are very dangerous: they harm the system and may crash it or corrupt its data. So the antivirus software must dynamically change its database as well as its detection methods to detect and remove them.