Monday, 9 November 2009

Malware In Action

Introduction
This chapter explains the rise and evolution of computer viruses, from the first comparatively simple and straightforward viruses to the latest malicious software that exists today. The chapter also describes the varieties of known malware types and techniques, and gives information about how malware spreads and the risks it poses to organizations of any size.
This chapter has several objectives:
  • Evolution of computer viruses
  • Defining malware and its characteristics
  • Differences between worms, viruses, Trojans and spyware, and their characteristics
  • Detection techniques
This chapter doesn’t explain malware elements by capturing samples of malware. Still, it does offer an important first step in trying to understand the various elements that constitute malware. This chapter will also briefly discuss and define additional things which are not malware, such as adware, spyware, spam.

Evolution of computer viruses

The most common mistake people make when the subject of a computer virus comes up is to refer to a worm or Trojan horse as a virus. Although the words virus, worm, and Trojan are frequently used interchangeably, they are not precisely the same. Viruses, worms and Trojan horses are all malicious programs that have the capability to harm the computer, but there are differences among the three. A virus has the capability of travelling from one computer to another by attaching itself to a program or to a file, leaving infection as it travels. It works exactly like a human virus. For more details on this topic. Most of the time viruses are attached to executable files. A virus cannot infect our computer unless the file it is attached to has been executed.
Worms, on the other hand, are a kind of network virus that replicates over the network. A worm has the capability of executing itself automatically on a remote machine without human interaction. Worms are typically standalone applications without a host program. The main danger with a worm is that it is able to replicate itself on our system, so that it can send out many copies of itself, creating big destructive effects.

It is not surprising that the evolution of computer viruses is directly linked to the success and development of the Internet. The parallel between the Internet and a living creature is that both constantly fight against viruses. As the Internet has developed, so has the threat environment. Viruses have bred new forms of malicious life that flourish on the computer technology of Internet connectivity, voice and data communications. These new threats can quickly replicate and spread themselves (worms) to attack their hosts. Autonomous threats have combined in the form of blended threats that join to identify, disable, or destroy any vulnerable carrier hosts. So where did it all start? The term “computer worm” was coined following the publication of “The Shockwave Rider”, a science fiction novel published in 1975 by John Brunner. Afterwards, researchers from Xerox PARC, Jon A. Hupp and John F. Shoch, published a paper in 1982. The Xerox worm was the first computer worm. It was not able to spread because of the lack of Internet infrastructure.
In the late 80s there was a virus called Brain (1986), which infected the boot sector of floppy disks, which were the primary method of transmitting files between computers. This virus was written in assembly language, and propagation was very slow because it depended upon physically carrying the infected disk from one computer to another. These viruses fall into a class called “Boot Sector Viruses”. The virus is transmitted when the PC boots up. By the early 90s, famous viruses like Stoned, Jerusalem, and Cascade started to circulate. In the middle to late 90s, the landscape started to change with the development of the Internet and personal computer use, the rise of networking, and the adoption of electronic mail systems. Worms called “big impact worms” started to reach the public in different ways. The use of email added high-profile mass-mailer worms such as Melissa (1999), “I Love You” (2000), Anna Kournikova (2001), SoBig (2003) and Mydoom (2004) that made the headlines and entered the public awareness. These types of worms doubled their number of victims every few hours, quickly reaching peak activity within less than 20 hours of being released. This marked the parallel rise in controlled, sometimes synchronized attacks. The rapid growth of online financial transactions resulted in more security incidents and in the appearance of novel types of malicious software and attacks.
Today, we are not only dealing with viruses, but also with worms, Trojan horses, backdoors, rootkits, HTTP exploits, privilege escalation exploits, and buffer overflow exploits. These threats identify and target vulnerabilities in applications and software programs to carry and spread attacks. Most attackers tend to focus on financial gain as their ultimate goal. These new trends explain why malware is now a worldwide multi-million dollar criminal industry.
This report also describes how the phishing Trojan technique executes, how it overcomes a few authentication schemes and how some banks and security firms are mitigating the threat with more complex authentication and fraud detection schemes. Finally, this report will examine the potential mitigation techniques.

