BY, SHUSRUSHA BEZUGAM, III Year

Counter Measures Of Virus


BY, SHUSRUSHA BEZUGAM, III Year IT-B.


CONTENTS
• INTRODUCTION.
• ANTIVIRUS APPROACHES.
• GENERATIONS OF ANTIVIRUS SOFTWARE.
• ADVANCED ANTIVIRUS TECHNIQUES.
• CONCLUSION.


INTRODUCTION
• DON'T ALLOW VIRUS OR BLOCK THE VIRUS.
• The key to protecting your computer against infection from viruses is understanding how they spread.


ANTIVIRUS APPROACHES
• PREVENTION
• GOAL
• BEST APPROACH


BEST APPROACHES:
• DETECTION: Determine that an infection has occurred and locate the virus.
• IDENTIFICATION: Determine the specific virus that has infected a program.
• REMOVAL: Remove the traces of the virus and restore the original file.


VIRUS DETECTION VIRUS IDENTIFICATION VIRUS REMOVAL


GENERATIONS OF ANTIVIRUS SOFTWARE
• Antivirus software depends on the virus.
• Previously, virus attacks were simple, so the antivirus packages used to treat them were also simple.
• As the virus arms race evolved, antivirus software has grown more complex and sophisticated.
• There are 4 generations of antivirus software:
1. First Generation: simple scanners (record of program lengths).
2. Second Generation: heuristic scanners (integrity checking with checksums).
3. Third Generation: activity traps (memory resident, detect infected actions).
4. Fourth Generation: full-featured protection (access control capability).


First Generation
• These anti-virus software programs were called simple scanners.
• They needed a virus signature to identify a virus.
• A variation of such programs kept a watch on the length of programs and looked for changes so as to possibly identify a virus attack.


Second Generation
• These antivirus software programs did not rely on simple virus signatures.
• Rather, they used some rules to look for possible virus attacks.
• The basic idea was to look for code blocks that were commonly associated with viruses.
• Another variation of these anti-virus programs stored some identification about each file in order to detect changes in the contents of the file.
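The two change-detection variations above (watching program length, and storing identification about a file) compared side by side, as an added example that is not part of the original slides. It assumes the stored identification is a keyed SHA-256 (HMAC); the file names, contents and key are constructed for the demonstration.

```python
import hashlib
import hmac

def fingerprint(data, key):
    """Length plus keyed SHA-256 of one file's contents."""
    return len(data), hmac.new(key, data, hashlib.sha256).hexdigest()

def baseline(files, key):
    """Record a fingerprint for every file while the system is known clean."""
    return {name: fingerprint(data, key) for name, data in files.items()}

def audit(files, recorded, key):
    """Compare the current files (name -> bytes) against the recorded baseline."""
    report = {}
    for name, data in files.items():
        if name not in recorded:
            report[name] = "new file"
            continue
        old_len, old_mac = recorded[name]
        new_len, new_mac = fingerprint(data, key)
        if new_len != old_len:
            # The first-generation length watch already notices this case.
            report[name] = "length changed"
        elif not hmac.compare_digest(new_mac, old_mac):
            # Length is identical, so only the stored checksum reveals the change.
            report[name] = "same length, content changed"
        else:
            report[name] = "unchanged"
    for name in recorded.keys() - files.keys():
        report[name] = "missing"
    return report

# Constructed sample data (assumption): a clean snapshot and a later snapshot.
KEY = b"constructed-demo-key"
ORIGINAL = b"MZ" + b"\x00" * 16 + b"PROGRAM BODY"
BEFORE = {"editor.exe": ORIGINAL, "notes.txt": b"hello", "old.cfg": b"a=1"}
AFTER = {
    "editor.exe": ORIGINAL[:2] + b"\x01" * 16 + ORIGINAL[18:],  # padding overwritten
    "notes.txt": b"hello" + b" appended",
    "new.dll": b"x",
}

if __name__ == "__main__":
    for name, verdict in sorted(audit(AFTER, baseline(BEFORE, KEY), KEY).items()):
        print(f"{name}: {verdict}")
```

The key has to be kept away from the files it protects, otherwise code that can rewrite a file can also rewrite its record.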


Third Generation
• These anti-virus software programs were memory resident.
• They watched for viruses based on their actions, rather than their structure.
• Thus, it is not necessary to maintain a large database of virus signatures.
• Instead, the focus is on keeping a watch on a small number of suspect actions.


Fourth Generation
• These anti-virus software programs package many anti-virus techniques together (for example scanning, monitoring, filtering).
• They also contain access control features, thus defeating the attempts of a virus to infect the files.


ADVANCED ANTIVIRUS TECHNIQUES
• More sophisticated antivirus approaches.
• GENERIC DECRYPTION.
• DIGITAL IMMUNE SYSTEM.
• BEHAVIOURAL BLOCKING SOFTWARE.


GENERIC DECRYPTION
• Easily detects even the most complex polymorphic viruses.
• It maintains fast scanning speeds.
• No damage to the personal computer.
• Contains the following elements:
  • CPU emulator – software-based virtual computer.
  • Virus signature scanner – scans target code for known signatures.
  • Emulation control module – controls execution of target code.
• DISADVANTAGES: We can't determine how long to run each interpretation, and system performance is degraded.
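The three elements listed above, wired together in a small scanner, as an added example that is not part of the original slides. The five-instruction toy CPU, the signature name and the XOR-encoded sample are all constructed assumptions; the sample hides a harmless marker string that only becomes visible to the signature scanner after the emulated code has decoded it.

```python
# Constructed signature database: a harmless marker, not a real virus signature.
SIGNATURES = {"Constructed.Marker": b"HARMLESS-TEST-MARKER"}

def scan(mem):
    """Virus signature scanner: names of known signatures present in memory."""
    return [name for name, sig in SIGNATURES.items() if sig in mem]

def step(code, mem, state):
    """CPU emulator: run one instruction of a toy ISA; False once it stops."""
    if state["pc"] >= len(code):
        return False
    op, *args = code[state["pc"]]
    state["pc"] += 1
    if op == "SET":                      # ptr = constant
        state["ptr"] = args[0]
    elif op == "XOR":                    # mem[ptr] ^= key
        if not 0 <= state["ptr"] < len(mem):
            return False                 # out-of-bounds write ends emulation
        mem[state["ptr"]] ^= args[0]
    elif op == "INC":                    # ptr += 1
        state["ptr"] += 1
    elif op == "JLT":                    # jump to target while ptr < limit
        if state["ptr"] < args[0]:
            state["pc"] = args[1]
    elif op == "HALT":
        return False
    return True

def generic_decrypt_scan(code, image, budget, slice_len=16):
    """Emulation control module: emulate in slices, scanning after each one."""
    mem, state = bytearray(image), {"pc": 0, "ptr": 0}
    used, running, hits = 0, True, scan(image)   # static scan first
    while not hits and running and used < budget:
        for _ in range(min(slice_len, budget - used)):
            used += 1
            running = step(code, mem, state)
            if not running:
                break
        hits = scan(mem)
    return hits, used

# Constructed sample: the marker XOR-encoded with one key, plus its decoding loop.
KEY = 0x5A
IMAGE = bytes(b ^ KEY for b in SIGNATURES["Constructed.Marker"])
CODE = [("SET", 0), ("XOR", KEY), ("INC",), ("JLT", len(IMAGE), 1), ("HALT",)]

if __name__ == "__main__":
    print(generic_decrypt_scan(CODE, IMAGE, budget=200))  # budget covers the loop
    print(generic_decrypt_scan(CODE, IMAGE, budget=30))   # budget too small
```

The second call shows the disadvantage named on the slide: with too small an instruction budget the decoding loop never finishes and the scan reports nothing, while a larger budget costs more time per file.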


CPU EMULATOR


DIGITAL IMMUNE SYSTEM
• Developed by IBM and refined by Symantec.
• Motivation: Internet-based virus propagation.
• Antivirus was updated monthly.
• Two major trends in Internet technology have had an increasing impact on the rate of virus propagation:
  • INTEGRATED MAIL SYSTEMS: Microsoft Outlook, Lotus Notes.
  • MOBILE-PROGRAM SYSTEMS: Java and ActiveX.


BEHAVIOURAL BLOCKING SOFTWARE
• It integrates with the operating system of the host computer and monitors program behavior in real time for malicious actions.
• It blocks malicious actions before they affect the system.
• Monitored behavior may include:
  • Attempts to open, view, delete or modify files.
  • Attempts to format disk drives.
  • Modifications to the logic of executable files.
  • Modifications to the startup settings.
  • Scripting of e-mail.


CONCLUSION
In order to counter the threat of viruses, the user should:
• Install anti-virus applications.
• Often get the data drive scanned and analyzed.
• Gain basic knowledge about the way viruses work.
• Install basic Internet security applications.


THANK YOU