Upload
pamela-lawrence
View
246
Download
2
Embed Size (px)
Citation preview
CHAPTER 14
Viruses, Trojan Horses and Worms
INTRODUCTION Viruses, Trojan Horses and worm are malicious
programs that can cause damage to information and computer.
Malicious programs (also called malware) is usually classified into three characteristics: type of propagation, mechanism it employs and mechanism it requires to run.
There are three popular types of malicious programs: virus, Trojan Horse and worm.
There is another kind of malicious program but not exactly malicious called hoaxes.
Hoaxes tend to mislead people like Trojan Horse.
TYPES OF MALWARE Virus A virus is a piece of computer program (or code)
that attach itself to a host program or file. It can spread from computer to computer,
infecting as it travels. It cant run independently and requires host
program to activate it. Virus can damage software, hardware and files
(information). Virus does not spread without human action. An example of virus is I Love You.
TYPES OF MALWARE Worm A worm, like a virus, is designed to copy itself
from one computer to another, but it can travel alone and independently without user action.
A great danger of worms is their ability to replicate in great volume.
A worm could send out copies of itself to everyone listed in your email address book causing heavy network traffic that would slow down the Internet.
An example of worm is Melissa.
TYPES OF MALWARE Trojan Horse A computer program that appears to be useful
but that actually does damage. It spreads when people are lured into opening a
program because they think it comes from a legitimate source.
Recently, Trojan Horse came in the form of an e-mail that included attachments.
Trojan Horse can also be included in software that downloaded for free.
An example of Trojan Horse is Happy99.
ANATOMY OF VIRUS Viruses are divided into two primary
components: propagation and payload. Propagation Propagation, also known as delivery mechanism,
is the method by which the virus spreads itself. There are two types of propagation: parasitic and
boot sector infector. Parasitic In this propagation, virus attach itself in the files
and the affected files is being parasite on other files.
ANATOMY OF VIRUS Classically, there were .com and .exe files (MS-
DOS files) that could be parasite to other files. In this method, an infected file has to be run,
but, nowadays, an affected file not necessarily to be executable, for example, a macro virus.
Payload Payload refers to what the virus does once
executed. Payload may be nothing, maybe something
harmless or could be something destructive, for example, erasing hard drive.
HOW TO SECURE There are several ways to secure against
malicious software: 1. Use Anti-Virus Software A-V software are full of solutions to almost every
existing virus problems. Always update anti-virus software as frequently
as possible. 2. Use Heuristic Method This method allows the scanner to search for
code that looks like it could be malicious.
HOW TO SECURE
3. Use Web Browser Security Limited surfing only trusted and hope be safe yet
left out of what the Web has offer. Both Netscape and Internet Explorer include
options to disable all the active content that could cause problems.
4. Beware Stranger E-mail Don’t open any e-mail attachment comes from
stranger or unknown content of e-mail.
HOW TO SECURE
5. Use Original Software Always use original application software, for
example, through online resources. 6. Other Techniques Other technique could be used for detecting
virus include file and program integrity checking, for example, “Integrity protection Driver” provided by Windows NT operating system.