Julian's Science Experiments
  • Famous Experiments and Inventions
  • The Scientific Method
  • Home Computer Experiments Computer Science Fair Projects Computer Jokes Warning!
       

    Computer Viruses
    Experiments, Labs, Studies and Background Information
    For Science Labs, Lesson Plans, Class Activities & Science Fair Projects
    For high School and College Students and Teachers







    Labs and Experiments

    Computer Virus Background Information

    Definition

    A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user.

    Basics

    See also:
    Antivirus Software
    Computer Security

    Computer viruses are harmful computer programs. Viruses could get rid of and damage files on your computer. It could damage files and slow down computer operation.

    Risk of using computers: The Internet lets millions of computer users around the world link together for business and fun. Many different people use the internet. Anyone using the Internet can find information about many different subjects, in many different languages, in very little time. The Internet makes it possible for one person to damage or slow thousands of computers that are linked to it. They can do this by writing computer programs. Or, they can make the computer fill itself with so much useless information that it stops working. If you are not careful you could make your computer crash.

    Anti-virus program usefulness: Computer experts say many private citizens, businesses, and local governments are not concerned about computer security until they suffer a damaging attack. Such an attack can cost computer users a great deal of money in lost business, lost information or damaged computer equipment. They say the attack can be more costly than providing good communications security. The experts say that using a computer anti-virus program is the first step in protecting a business or private computer. An anti-virus program searches the computer for, and guards against, viruses. It also inspects incoming e-mail and new programs for viruses. The experts say that many good computer companies produce anti-virus protection programs. Most companies that offer anti-virus programs also provide new information called "updates" to protect against new viruses or worms as they appear.

    Another way of computer protection: An American company called McAfee Security produces a popular anti-virus protection program. Other companies, for example Symantec and Computer Associates, sell programs that do the same thing. Computer experts say a good anti-virus program is only the first step in computer security. The experts list a number of things computer users can also do to help protect their computers. For example, do not open any file attached to electronic mail if it comes from an unknown person or place. Delete electronic mail from unknown people. Make copies of all important documents and keep them in a safe place. This should be done often to protect valuable information. Computer experts agree that everyone should refuse computer information from strangers. They also agree that users must be extremely careful when copying any kind of information from the Internet to their computer's memory. All experts agree that doing these things is better than suffering a virus or worm attack. The Internet is fun, educational and a great business tool. But because of computer virus attacks, safety is very important.

    Topics of Interest

    A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.

    The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, adware, and spyware programs that do not have the reproductive ability. Malware includes computer viruses, worms, trojans, most rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software, including true viruses. Viruses are sometimes confused with computer worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a program that appears harmless but has a hidden agenda. Worms and Trojans, like viruses, may cause harm to either a computer system's hosted data, functional performance, or networking throughput, when they are executed. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or go unnoticed.

    Many personal computers are now connected to the Internet and to local area networks, facilitating the spread of malicious code. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, and file sharing systems to spread, blurring the line between viruses and worms. Furthermore, some sources use an alternative terminology in which a virus is any form of self-replicating malware.

    Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk. Others are not designed to do any damage, but simply replicate themselves and perhaps make their presence known by presenting text, video, or audio messages. Even these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can result in system crashes. In addition, many viruses are bug-ridden, and these bugs may lead to system crashes and data loss.

    History: The Creeper virus was first detected on ARPANET, the forerunner of the Internet, in the early 1970s. Creeper was an experimental self-replicating program written by Bob Thomas at BBN Technologies in 1971. Creeper used the ARPANET to infect DEC PDP-10 computers running the TENEX operating system. Creeper gained access via the ARPANET and copied itself to the remote system where the message, "I'm the creeper, catch me if you can!" was displayed. The Reaper program was created to delete Creeper.

    The first PC virus in the wild was a boot sector virus dubbed (c)Brain, created in 1986 by the Farooq Alvi Brothers in Lahore, Pakistan, reportedly to deter piracy of the software they had written. However, analysts have claimed that the Ashar virus, a variant of Brain, possibly predated it based on code within the virus.

    Infection strategies: In order to replicate itself, a virus must be permitted to execute code and write to memory. For this reason, many viruses attach themselves to executable files that may be part of legitimate programs. If a user attempts to launch an infected program, the virus' code may be executed simultaneously. Viruses can be divided into two types based on their behavior when they are executed. Nonresident viruses immediately search for other hosts that can be infected, infect those targets, and finally transfer control to the application program they infected. Resident viruses do not search for hosts when they are started. Instead, a resident virus loads itself into memory on execution and transfers control to the host program. The virus stays active in the background and infects new hosts when those files are accessed by other programs or the operating system itself.

    Methods to avoid detection: In order to avoid detection by users, some viruses employ different kinds of deception. Some old viruses, especially on the MS-DOS platform, make sure that the "last modified" date of a host file stays the same when the file is infected by the virus. This approach does not fool anti-virus software, however, especially those which maintain and date Cyclic redundancy checks on file changes. Some viruses can infect files without increasing their sizes or damaging the files. They accomplish this by overwriting unused areas of executable files. These are called cavity viruses. For example, the CIH virus, or Chernobyl Virus, infects Portable Executable files. Because those files have many empty gaps, the virus, which was 1 KB in length, did not add to the size of the file. Some viruses try to avoid detection by killing the tasks associated with antivirus software before it can detect them. As computers and operating systems grow larger and more complex, old hiding techniques need to be updated or replaced. Defending a computer against viruses may demand that a file system migrate towards detailed and explicit permission for every kind of file access.

    Anti-virus software and other preventive measures: Many users install anti-virus software that can detect and eliminate known viruses after the computer downloads or runs the executable. There are two common methods that an anti-virus software application uses to detect viruses. The first, and by far the most common method of virus detection is using a list of virus signature definitions. This works by examining the content of the computer's memory (its RAM, and boot sectors) and the files stored on fixed or removable drives (hard drives, floppy drives), and comparing those files against a database of known virus "signatures". The disadvantage of this detection method is that users are only protected from viruses that pre-date their last virus definition update. The second method is to use a heuristic algorithm to find viruses based on common behaviors. This method has the ability to detect viruses that anti-virus security firms have yet to create a signature for.

    Recovery methods: Once a computer has been compromised by a virus, it is usually unsafe to continue using the same computer without completely reinstalling the operating system. However, there are a number of recovery options that exist after a computer has a virus. These actions depend on severity of the type of virus.

    Source: Wikipedia (All text is available under the terms of the GNU Free Documentation License and Creative Commons Attribution-ShareAlike License.)

    Useful Links
    Computer Science and Engineering Science Fair Projects and Experiments
    General Science Fair Project Resources
    Electronics & Computer Project Books

                  





    My Dog Kelly

    Follow Us On:
         

    Privacy Policy - Site Map - About Us - Letters to the Editor

    Comments and inquiries could be addressed to:
    webmaster@julianTrubin.com


    Last updated: June 2013
    Copyright © 2003-2013 Julian Rubin