Study of Computer Virus Worms

1
Study of Computer Virus Worms

• Sampath Yerramalla
• 04/17/02

2
Survey

• Virus Appearance
• National Press
• Faster than in papers
• Melissa
• The Love Letter
• Anna Kournikova
• Vulnerabilities
• Computer hardware based on single trusted user
• Software loop-holes
• Research Any machine with almost any OS can
  support virus

3
Difference

• Virus
• A computer program that replicates by attaching
  itself to some other object
• Usually small size programs ( 3-30k )
• Designed to evade detection
• Worm
• First reported ed by John Shoh and Jon Hupp of
  XEROX PARC
• Sends itself to other systems
• Bigger in size than virus
• More abilities
• Not easy to write

4
Virus Spread

• Medium
• Hard disk
• Floppy disks
• Tape
• Optical media
• Memory
• Internet
• E-mail attachments
• .exe .bat .vbs
• Incentive and trap
• Money
• Sex
• Humor
• Research One in every five hundred e-mail
  messages contain a virus.

5
Types

• Effect on OS, programming used and size.
• Boot sector virus
• Polymorphic virus
• Time Bomb
• Shell virus
• Add-on virus
• Trojan horse
• Internet worms

6
Polymorphic virus

• Mutates
• Hard to detect
• All parts of the multipartite virus needs to be
  cleaned
• Different kinds of damages
• Amusing screen displays
• Unusual sound displays
• System reboots
• Reformatting the hard disk

7
Shell Virus
Uninfected Program
Infected Program
8
Add-on Virus
Uninfected Program
Infected Program
9
Trojan Horse

• A program that hides it true intention
• e-mail attachments
• Trick into installing malicious software
• Droppers
• Backdoors
• Hackers
• Subseven
• Back Orifice
• Netbus

10
Internet Worms

• Use complex e-mal functions and network software
• Steals addresses from your address book
• New hosts through un-protected system drives
• W32/ska W32/Navidad_at_M
• VBS/Netlog
• W32/Explorezip
• W32/Qaz
• W32/SaddamHussain,
• Virus Hackers

11
Hackers attack Microsoft
12
Virus programmers

• Common languages to create virus
• Assembler
• C
• Visual Basic
• Java
• Unfortunately, virus are created by people for
  all usual reasons
• Dirty tricks
• Make a living
• Fortunately, not all virus programmers arent in
  boy or girl genius league .

13
Viral Signatures

• Repeated infection early detection
• Unique virus signatures
• Mixed blessing
• Fake Viral signatures to protect against virus

14
Why should I care ?

• Reproduce
• Stealing addresses from your Address Book
• Write files to a Local directory / Network
  computer
• Appears to be done by you
• Un-authorized Access
• Passwords
• Credit card numbers
• Destroy the computer
• Computer un-usable
• Allow other people (anywhere on internet), to get
  control of your computer

15
Have I Been a Victim ?

• Reproduction stage
• Alert box
• Too late
• Virus hoax are common than virus itself

16
Getting Rid of Virus

• Virus code is tagged at the end of a program
• Placed in the empty slots of a program
• Both types can be cleaned
• Unfortunately, virus world doesnt end here
• Some virus replace the program code with their
  own code
• Cant be cleaned, hence deleted

17
Getting Rid of Virus

• Some can be removed
• Others may require part or all of the OS to be
  removed or re-installed
• Retrieval of files
• Damage cannot be undone

18
Prevention better than any cure

• Technical measures
• Anti-virus software
• Update
• Check mail-servers
• Reject all e-mails of dangerous or unknown
  extensions
• Suspect even safe extensions
• Disabling functions
• Removing windows script hosting

19
Dos and Donts

• Always update your anti-virus software at least
  weekly
• Back up your important files and ensure that they
  can be restored
• Change the computer's boot sequence to always
  start the PC from its hard drive
• Don't share Drive C without a password and
  without read-only restrictions
• Empty floppy drives of diskettes before turning
  on computers, especially laptops
• Forget opening unexpected e-mail attachments,
  even if they're from friends
• Get trained on your computer's anti-virus
  software and use it

20
Dos and Donts.

• Have multiple backups of important files
• Install security updates for your operating
  system and programs as soon as possible
• Jump at the chance to learn more about your
  computer. This will help you spot viruses

• Knowledge is contagious, infect the truth

21
References

• Ill include them in the term paper !
• Sampath Yerramalla