Polymorphic & Cloning Computer Viruses

The generation of today is growing up in a fast-growing, high-tech world which allows us to do the impossibilities of yesterday. With the help of modern telecommunications and the rapid growth of the personal computer in the average household, we are able to talk to and share information with people from all sides of the globe. However, this vast amount of information transport has opened the doors for the computer "virus" of the future to flourish. As time passes on, so-called "viruses" are becoming more and more adaptive and dangerous. No longer are viruses merely a rarity among computer users and no longer are they mere nuisances. Since many people depend on the data in their computer every day to make a living, the risk of catastrophe has increased tenfold.

The people who create computer viruses are now becoming much more adept at making them harder to detect and eliminate. These so-called "polymorphic" viruses are able to clone themselves and change themselves as they need to avoid detection. This form of "smart viruses" allows the virus to have a form of artificial intelligence. To understand the way a computer virus works and spreads, first one must understand some basics about computers, specifically pertaining to the way it stores data.

Because of the severity of the damage that these viruses may cause, it is important to understand how anti-virus programs go about detecting them and how the virus itself adapts to meet the ever changing conditions of a computer. In much the same way as animals, computer viruses live in complex environments. In this case, the computer acts as a form of ecosystem in which the virus functions. In order for someone to adequately understand how and why the virus adapts itself, it must first be shown how the environment is constantly changing and how the virus can interact and deal with these changes. There are many forms of computers in the world; however, for simplicity’s sake, this paper will focus on the most common form of personal computers, the 80x86, better known as an IBM compatible machine. The computer itself is run by a special piece of electronics known as a microprocessor.

This acts as the brains of the computer ecosystem and could be said to be at the top of the food chain. A computer’s primary function is to hold and manipulate data, and that is where a virus comes into play. Data itself is stored in the computer via memory. There are two general categories for all memory: random access memory (RAM) and physical memory (hard and floppy diskettes). A virus can reside in either of those types of memory.

RAM is by nature temporary; every time the computer is reset the RAM is erased. Physical memory, however, is fairly permanent. A piece of information, data, file, program, or virus placed here will still be around in the event that the computer is turned off. Within this complex environment exist computer viruses. There is no exact and concrete definition for a computer virus, but over time some commonly accepted facts have been related to them. All viruses are programs or pieces of programs that reside in some form of memory.

They all were created by a person with the explicit intent of being a virus. For example, a bug (or error) in a program, while perhaps dangerous, is not considered a computer virus due to the fact that it was created by accident by the programmers of the software. Therefore, viruses are not created by accident. They can, however, be contracted and passed along by accident. In fact, it may be weeks until a person is even aware that their computer has a virus. All viruses try to spread themselves in some way.

Some viruses simply copy clones of themselves all over the hard drive. These are referred to as cloning viruses. They can be very destructive and spread fast and easily throughout the computer system. To illustrate the way a standard cloning virus would adapt to its surroundings, a theoretical example will be used.

One day a teacher decides to use his/her classroom Macintosh’s Netscape to download some material on photosynthesis. Included in that material is a movie file which illustrates the process. However, the teacher is not aware that the movie file is infected with a computer virus. The virus is a section of binary code attached to the end of the movie file that will execute its programmed operations whenever the file is accessed.

Then, the teacher plays the movie. As the movie is being played the virus makes a clone of itself in every file inside the system folder of that computer. The teacher shuts down the computer normally, but the next day when it is booted up all of the colors are changed to black and white. The explanation is that the virus has been programmed to copy itself into all of the files that the computer accesses in a day. Thus, when the computer reboots, the Macintosh operating system looks into the system folder at a file to see how many colors to use.

The virus notices the system access this file and immediately copies itself into it and changes the number of colors to two. Thus the virus has detected a change in the files that are opened in the computer and adapted itself by placing a clone of itself into the color configuration files.

Another prime way that viruses are spread throughout computers extremely rapidly is via LANs (Local Area Networks) such as the one set up at Lincoln that connects all of the classroom Macs together. A LAN is a group of computers linked together with very fast and high capacity cables.

[Figure: illustrated example of a network of computers]

Since all of the computers on a network are connected together already, the transportation of a virus is made even easier. When the "color" virus from the above example detects that the computer is using the network to copy files across the school, it automatically clones a copy of itself into every file that is transported across the network.

When it reaches the new computer it waits until it has been shut off then turned back on again to copy itself into the color configuration files and change the display to black and white. If this computer should then log on to the network, the virus will transport again. In this manner network capable viruses can very quickly adapt and cripple an entire corporation or office building. Due to the severity of some viruses, people have devised methods of detecting and eradicating them. The anti-viral programs will scan the entire hard drive looking for evidence that viruses may have infected it. These programs must be told very specifically what to look for on the hard drive.

There are two main methods of detecting viruses on a computer. The first is to compare all of the viruses on the hard disk to known types of viruses. While this method is very precise, it can be rendered totally useless when dealing with a new and previously unknown virus. The other method deals with the way in which a common cloning virus adapts.

All that a cloning virus really does is look at what operations the computer is executing and react and adapt to them by making more copies of itself. This is the serious flaw with cloning viruses: all the copies of itself look the same. Basically all data in a computer is stored in a byte structure format. These bytes, which are analogous to symbols, occur in specific orders and lengths. Each of the cloned viruses has the same order and length of the byte structure. All that the anti-virus program has to do is scan the hard drive for byte structures that are duplicated several times and delete them.

This method is an excellent way of dealing with the adaptive and reproducing format of cloning viruses. The disadvantage is that it can produce a number of false alarms, such as when a user has two copies of the same file. Thereby, a simple cloning virus’s main flaw is exposed. However, the (sick-minded) people who create these viruses have found a way to get around this by creating a new and even more adaptive virus called the polymorphic virus. Polymorphic viruses were created with the explicit intent of being able to adapt and reproduce in ways other than simple cloning.

These viruses contain a form of artificial intelligence. While this makes them by no means as smart or adaptive as a human being, it does allow them to avoid conventional means of detection. A conventional anti-virus program searching for cloned viruses will not consider files with different byte structures to be viruses. A good analogy for a polymorphic virus would be a chameleon. The chameleon is able to change its outward appearance but not the fact that it is a chameleon. A polymorphic virus’s main goal is just like that of any other virus: to reproduce itself and complete some programmed task (like deleting files or changing the colors of the monitor); this fact is never changed.

However, it is the way in which they reproduce that makes them different. A polymorphic virus does more to adapt than just make copies of itself into other files. In fact, it does not really even clone its physical byte structure. Instead it creates other programs with different byte structures that are attempting to perform the same task. In a sense, polymorphic viruses are smart enough to evolve themselves by writing new programs on the fly. Because of the fact that they all have different byte structures, they pass undetected through conventional byte comparison anti-viral techniques.
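As an added illustration (not part of the original essay), the following Python example runs the duplicate-byte-structure scan described above over constructed, inert sample data. It shows the three outcomes the essay names: identical appended blocks are flagged, a user's two copies of one file raise a false alarm when the threshold is lowered, and a copy whose bytes differ is not flagged. The function names, file names and 16-byte window size are assumptions made for the example.

```python
from collections import defaultdict


def shared_blocks(files, size=16, min_files=3):
    """Map each `size`-byte window found in >= min_files files to those file names."""
    seen = defaultdict(set)
    for name, data in files.items():
        # Slide a fixed-size window over the file and record which files hold it.
        for i in range(len(data) - size + 1):
            seen[data[i:i + size]].add(name)
    return {blk: sorted(names) for blk, names in seen.items()
            if len(names) >= min_files}


def flagged_files(files, size=16, min_files=3):
    """Names of files that contain at least one widely duplicated byte block."""
    hits = set()
    for names in shared_blocks(files, size, min_files).values():
        hits.update(names)
    return sorted(hits)


# Constructed, inert sample data: plain text only, no executable content.
CLONE = b"<<IDENTICAL-APPENDED-BLOCK-0001>>"      # stands in for an exact clone
VARIANT = b"[[different-bytes-same-purpose-77]]"  # stands in for a rewritten copy

SAMPLE = {
    "colors.cfg": b"depth=256;mode=color;" + CLONE,
    "movie.dat": b"frame0 frame1 frame2 frame3 " + CLONE,
    "notes.txt": b"photosynthesis lesson plan, week 3 " + CLONE,
    "report.doc": b"quarterly figures for the school board " + VARIANT,
    "essay.txt": b"An essay the user has saved twice on the disk.",
    "essay_copy.txt": b"An essay the user has saved twice on the disk.",
}

if __name__ == "__main__":
    # Strict threshold: only the block repeated across three files is reported.
    print("min_files=3:", flagged_files(SAMPLE))
    # Loose threshold: the user's duplicate essay becomes a false alarm.
    print("min_files=2:", flagged_files(SAMPLE, min_files=2))
```

Raising `min_files` reduces false alarms from ordinary duplicate files, but no threshold makes this scan see `report.doc`, because none of its byte windows repeat elsewhere.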

Not only are polymorphic viruses smart enough to react to their environment by adaptation, but they are able to do it in a systematic way that will prevent their future detection and allow them to take on a new life of their own. Computer viruses are extremely dangerous programs that will adapt themselves to the ever changing environment of memory by making copies of themselves. Cloning viruses create exact copies of themselves and attach to other files on the hard drive in an attempt to survive detection. Polymorphic viruses are able to change their actual appearance in memory and copy themselves in much the same way that a chameleon can change colors to avoid a predator. It is not only the destructive nature of computer viruses that makes them so dangerous in today’s society of telecommunications, but also their ability to adapt themselves to their surroundings and react in ways that allow them to proceed undetected to wreak more havoc on personal computer users across the globe.