Presentation is loading. Please wait.

Presentation is loading. Please wait.

What is it, how does it work, and why is it important?

Similar presentations


Presentation on theme: "What is it, how does it work, and why is it important?"— Presentation transcript:

1 What is it, how does it work, and why is it important?

2 Anti-virus software  A computer program that can be used to scan files to identify and eliminate computer viruses and other malicious software.  Anti-virus software typically uses two different techniques to accomplish this:  Examining files to look for known viruses by means of a virus dictionary  Identifying suspicious behavior from any computer program which might indicate infection

3 Anti-virus software  Most commercial anti-virus software uses both of these approaches, with an emphasis on the virus dictionary approach.  Lets look at the dictionary approach.

4 Anti-virus software Dictionary Approach  Software examines a file  Compares to a dictionary of known viruses  Dictionary/repository of virus info managed by the author of the software  If a piece of code in the file matches any virus identified in the dictionary, then the anti-virus software can  delete the file,  quarantine it so that the file is inaccessible to other programs and its virus is unable to spread,  or attempt to repair the file by removing the virus itself from the file.  To be successful the virus dictionary approach requires periodic online downloads of updated virus dictionary entries.

5 Anti-virus software Dictionary Approach  Dictionary-based anti-virus software typically examines files when the computer's operating system creates, opens, and closes them; and when the files are e-mailed.  In this way, a known virus can be detected immediately upon receipt.  The software can also typically be scheduled to examine all files on the user's hard disk on a regular basis.  Although the dictionary approach is considered effective, virus authors have tried to stay a step ahead of such software by writing "polymorphic viruses", which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match the virus's signature in the dictionary.

6  Monitors the behavior of all programs.  If one program tries to write data to an executable program, for example, this is flagged as suspicious behavior and the user is alerted to this, and asked what to do.  Provides protection against brand-new viruses that do not yet exist in any virus dictionaries.  However, it also sounds a large number of false positives, and users probably become desensitized to all the warnings.  If the user clicks "Accept" on every such warning, then the anti-virus software is obviously useless to that user.  This problem has especially been made worse over the past 7 years, since many more nonmalicious program designs chose to modify other.exes without regards to this false positive issue.  Thus, most modern anti virus software uses this technique less and less. Anti-virus software Suspicious Behavior approach

7 Anti-virus software  User education is as important as anti-virus software; simply training users in safe computing practices, such as not downloading and executing unknown programs from the Internet, would slow the spread of viruses, without the need of anti- virus software.

8 What is a virus and how does it work?  A virus is a program or code that attaches itself to a legitimate, executable piece of software, and then reproduces itself when that program is run.  Viruses spread by reproducing and inserting themselves into programs, documents, or email attachments.  Commonly transmitted through emails or downloaded files and they can be present on CDs, DVDs, USB-drives and any other sort of digital media. A virus normally requires action to successfully infect a victim.  For instance - the malicious programs inside email attachments usually only strike if the recipient opens them. The effect of a virus can be anything from a simple prank that pops up messages to the complete destruction of programs and data.

9  Nowadays, mobile operators are starting to feel the pinch from viruses resulting from the increasing use of emails and Internet browsing on cell phones.  Attacks on cell phones rose five times in 2006, with clients of 83 percent of mobile operators around the world having been hit, an industry study showed. What is a virus and how does it work?

10 What are some good anti- virus programs?  Norton Anti-virus  McAfee  Avast Pro  PC Tools Spyware Dr. with Anti-virus  Bitdefender Anti-virus Plus  Kaspersky Anti-virus  Panda Anti-virus Pro  F-Secure Anti-virus  AVG anti-virus


Download ppt "What is it, how does it work, and why is it important?"

Similar presentations


Ads by Google