TECHNICAL SEMINAR PRESENTATION

COMPUTER VIRUSES AND ANTIVIRUSES :

NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

AN INSIGHT

by
BHABANI SHANKAR KAR
ROLL NO. CS200117153
under the guidance of

Mr.DUTIKRUSHNA PANDA
Department of Computer science, NIST,Berhampur.

BHABANI SHANKAR KAR CS200117153 [1]

 TECHNICAL SEMINAR PRESENTATION
NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

TYPES OF INFECTANTS:
1. VIRUSES: Small piece of software that piggybacks on real programs
2. WORMS: Computer program that copies itself from machine to machine
3. E-MAIL VIRUSES :Moves around in e-mail messages
4. TROJAN HORSES: Claims to do one thing, but does something else

VIRUS: WORKING PHASES

1. INFECTION PHASE: The file is infected
2. ATTACK PHASE: The infected file is run, and virus shows its action

BHABANI SHANKAR KAR CS200117153 [2]

 TECHNICAL SEMINAR PRESENTATION

VIRUSES: WHAT THEY INFECT

NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

1. System Sector Viruses :DOS boot sector or the Master Boot Record
2. File Viruses :Program (COM and EXE) files
3. Macro Viruses :Data files having macro programs
4. Companion Viruses : EXE files by installing a same-named COM file
5. Cluster Viruses :Changes the DOS directory information so that directory entries
point to the virus code instead of the actual program
6. Batch File Viruses : batch files
7. Source Code Viruses : Source code, by adding Trojan code to it
8. Visual Basic Worms : Visual Basic Scripts

BHABANI SHANKAR KAR CS200117153 [3]

 TECHNICAL SEMINAR PRESENTATION

VIRUSES: HOW THEY INFECT

NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

1. Polymorphic Viruses :change their characteristics as they infect.

2. Stealth Viruses:hide themselves from antivirus or system software
3. Fast and Slow Infectors: infect in a particular way
4. Sparse Infectors: Viruses that don't infect very often.
5. Armored Viruses : programmed to make disassembly difficult
6. Multipartite Viruses: Fall into more than one of the top classes.
7. Cavity (Space filler) Viruses: attempt to maintain a constant file size
8. Tunneling Viruses "tunnel" under anti-virus software while infecting.
9. Camouflage Viruses :appear as a benign program to scanners.
10. NTFS ADS Viruses: ride on the alternate data streams in the NT File System
11. Virus Droppers: runs and installs (or "drop") a virus onto your system

BHABANI SHANKAR KAR CS200117153 [4]

 TECHNICAL SEMINAR PRESENTATION
VIRUSES AND THE INTERNET
NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

•Comparatively small role in the spread of viruses

•Only when someone mails an infected document to someone else OR
makes one available on web site
•Anonymous posting
•Huge role in future

“GOOD” VIRUSES
•The "Anti-Virus" Virus: locate other (presumably malicious) computer viruses and
remove them.
•The "File Compressor" Virus :compress the files it infects
•The "Disk Encryptor" Virus :ensures the privacy of the user's data.
•The "Maintenance" Virus : performs some maintenance tasks

BHABANI SHANKAR KAR CS200117153 [5]

 TECHNICAL SEMINAR PRESENTATION

ANTI-VIRUS SOFTWARE: Software that detects and removes viruses

NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

PROTECTION FROM VIRUSES

•Scanning: scanning programs that look for telltale code (signature strings)
characteristic of the virus
•Integrity checking : recording integrity data that acts as a signature for the
files and system sectors
•Interception: monitors operating system requests and intercepts user on
finding threatening activity
•Anti-virus product use guidelines: proper use and updation of AV software
•Watch out for dangerous file extensions : avoid dangerous extensions
•Safe computing practices(safehex) : safe and careful use and practise

BHABANI SHANKAR KAR CS200117153 [6]

 TECHNICAL SEMINAR PRESENTATION

SAFE COMPUTING PRACTICES(SAFEHEX)

NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

•Update AV software
•Safe boot disk
•Hard disk boot
•Don't open attachments
•Turn off preview
•Disable scripting
•Show extensions
•Protect floppies
•Keep up with the latest security patches
•Get info
•TAKE BACKUPS!!!

BHABANI SHANKAR KAR CS200117153 [7]

 TECHNICAL SEMINAR PRESENTATION

APPROACHES TO DETECT VIRUSES

NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

1. THE SIGNATURE APPROACH

BHABANI SHANKAR KAR CS200117153 [8]

 TECHNICAL SEMINAR PRESENTATION
NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

2.THE SANDBOX APPROACH

BHABANI SHANKAR KAR CS200117153 [9]

 TECHNICAL SEMINAR PRESENTATION
NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

3.THE HEURISTIC APPROACH

BHABANI SHANKAR KAR CS200117153 [10]

 TECHNICAL SEMINAR PRESENTATION

REMOVING AN INFECTED FILE

NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

BHABANI SHANKAR KAR CS200117153 [11]

 TECHNICAL SEMINAR PRESENTATION

ANTI- VIRUS RESEARCH

NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

•IBM has been preparing a defense against fast spreading viruses

•Built the first commercial-grade immune system
•Can find, analyze and cure previously unknown viruses
•Analysis center can analyze most viruses automatically
•Greater speed and precision than human analysts can
•Runs the viruses in a virtual environment

•End-to-end security of the system allows the safe

submission of virus samples and ensures IBM VIRUS ANALYSIS CENTER

authentication of new virus definitions.

BHABANI SHANKAR KAR CS200117153 [12]

 TECHNICAL SEMINAR PRESENTATION
NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

CONCLUSION
•VIRUSES HAVE STIMULATED SCIENTIFIC THINKING AND IDEAS
•SOME IDEAS CAN ALSO BE EXPORTED INTO MEDICAL SCIENCE
•SCOPE FOR FURTHER IMPROVEMENT AND RESEARCH
•VIRUSES CAN ALSO BE PUT TO CONSTRUCTIVE USE(GOOD
VIRUSES)
•EACH USER MUST REALIZE THE GRAVE DANGER POSED BY
VIRUSES
•TAKE STEPS TO PREVENT INFECTION, AND IN CASE OF
INFECTION, PROPER AND SAFE WAYS OF DEALING WITH THE
INFECTION

THANK YOU!!!!

BHABANI SHANKAR KAR CS200117153 [13]

 TECHNICAL SEMINAR PRESENTATION
NATIONAL INSTITUTE OF SCIENCE & TECHNOLOGY

QUERIES PLEASE!!!

BHABANI SHANKAR KAR CS200117153 [14]