










































An in-depth exploration of malicious software, including viruses, worms, Trojan horses, and other types of malware. Topics covered include taxonomy, terminology, virus phases, virus classes, and protection strategies. Henric Johnson's article also discusses advanced antivirus techniques, such as trusted systems and multilevel security.
Typology: Study notes











































EJ Jung
(from Networkworld.com)
Henric Johnson (^3)
[Figure: taxonomy of Malicious Programs. Branches: Need Host Program, Independent. Leaves: Trapdoors, Logic Bombs, Trojan Horses, Viruses, Bacteria, Worms.]
- Trojan Horse: a useful program or command procedure that contains hidden code that, when invoked, performs some unwanted or harmful procedure. These may also be used for data destruction.
- Mobile Code: programs that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics.
- Viruses: software that can infect other programs by modifying them. The infection may be passed on to other programs.
- A virus has three parts:
  - Infection mechanism
  - Trigger
  - Payload
- By Target
  - Boot Sector Infector
  - File Infector
  - Macro Virus
- By Concealment Strategy
  - Encrypted Virus
  - Stealth Virus
  - Polymorphic Virus
  - Metamorphic Virus
- Virus propagates by infecting other programs
- 1st Generation, Scanners: searched files for any of a library of known virus "signatures." Checked executable files for length changes.
- 2nd Generation, Heuristic Scanners: look for more general signs than specific signatures (code segments common to many viruses). Checked files for checksum or hash changes.
- 3rd Generation, Activity Traps: stay resident in memory and look for certain patterns of software behavior (e.g., scanning files).
- 4th Generation, Full Featured: combine the best of the techniques above.
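An added example, not part of the original notes, of the first two scanner generations described above: a signature search, a length comparison, and a hash comparison run over the same files. The signature bytes, file contents and function names are constructed for illustration; the second modified sample shows a same-length change that only the hash check notices.

```python
import hashlib

# Constructed, harmless marker bytes standing in for a known virus "signature".
SIGNATURES = {"Demo.A": b"\xde\xad\xbe\xefDEMO"}

def signature_scan(data):
    """1st generation: report every library signature found in the file bytes."""
    return sorted(name for name, sig in SIGNATURES.items() if sig in data)

def baseline(data):
    """Record length and SHA-256 of a file while it is known to be clean."""
    return {"length": len(data), "sha256": hashlib.sha256(data).hexdigest()}

def integrity_check(data, base):
    """Compare a file with its baseline: length (1st gen) and hash (2nd gen)."""
    return {
        "length_changed": len(data) != base["length"],
        "hash_changed": hashlib.sha256(data).hexdigest() != base["sha256"],
    }

def scan(data, base):
    """Run all three checks and return one combined report."""
    return {"signatures": signature_scan(data), **integrity_check(data, base)}

# Constructed sample "executable": header, code bytes, then 16 bytes of padding.
CLEAN = b"HDR" + b"\x90" * 32 + b"\x00" * 16
BASE = baseline(CLEAN)

# Case 1: known code appended to the file. Signature, length and hash all fire.
APPENDED = CLEAN + SIGNATURES["Demo.A"]

# Case 2: unknown bytes written over the padding, file length preserved.
# No signature matches and the length is unchanged; only the hash differs.
OVERWRITTEN = CLEAN[:35] + b"UNKNOWN-PAYLOAD!"

if __name__ == "__main__":
    for label, sample in [("clean", CLEAN), ("appended", APPENDED),
                          ("overwritten", OVERWRITTEN)]:
        print(label, scan(sample, BASE))
```

The hash comparison only helps if the baseline was taken while the file was clean and is stored where the modifying code cannot rewrite it.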
- Simple anti-virus scanners
- One way to enhance the ability of a system to defend against intruders and malicious programs is to implement trusted system technology
- Properties of Trusted Systems
  - Protection of data and resources on the basis of levels of security (e.g. military)
  - Users can be granted clearances to access certain categories of data