A Literature Review Regarding Virus Protection

A Literature Review Regarding Virus bulwarkAlthough most of the people hark back that there is nothing to do a research in the argona of information processing system reckoner virus defendion, there ar more and more things to research as everyday more than 200 ready reckoner malw ar argon created by the virus creators. In the modern world most of the people are using reckoners in their day-to-day activities. So it is more important to have knowledge of reckoner viruses and encourage the computing machines from those viruses. pay backsloppypar windupsloppyparIdentifying what the information processing system viruses are, their types, the threat to the figurer from electronic computer viruses, the give way neverthelesst of computer viruses and prevention mechanisms from the computer viruses are the objectives of this literature review.endabstractsectionIntroductionAs the usage of the computers and creation of computer viruses are increasing all oer the world, ev ery computer exploiter began to search about the computer viruses. But there are some other various kinds of packet package package like worms and Trojans that toilette do around harm to the activities of the computer other than the viruses. Although they are different from computer viruses, the computer users are used to call those other types of cattish bundle package viruses.beginsloppyparendsloppyparThough there is no any real definition for the computer viruses, they can be considered as superfluous kind of software political platforms that have the cogency of self replicating over execut adequate files reside in the computer and do several(prenominal) interruption to the activities of the computer. As the computer viruses are spreading exactly when the executable files are executing, the viruses can effect only for the executable files in the give computer. So most of the sentence the files with .EXE , .COM , .BAT , .SYS extensions are infected. A computer vi rus can be written with a few lines of programming cyphers in any programming language. Any person who has a personal computer can write a computer virus and send it to another computer or system far away from the computer which produced the virus through a ne bothrk or any disk. These viruses can destroy any massive computer system or network considerably within few seconds.beginsloppyparendsloppypar electronic computer viruses which do less harm to the computers are only spreading over the computers and computer networks. They do not do any dangerous harm to the computers other than simply replicating them in the system. The most dangerous type of viruses effect to the computers by changing the content of the files, partly of completely deleting the files reside in the computer. The data stored in the computer can be lost by infecting these kinds of computer viruses. These types of computer viruses cannot be catch by examining the files in the computer. But only the destructio n they have done to the computer testament remain. So capturing these viruses is the more difficult thing.beginsloppyparendsloppyparPreventing or protecting from computer viruses not only mean installing an anti virus program and scan the files by getting use of the anti virus program but also alertness of the computer viruses or malicious software and practicing best practices when using a computer. But most of the time most of the computer users trust various anti virus programs to protect their systems against computer viruses. Various anti virus programs use various methods or procedures to capture viruses and other types of malicious software. But with any of the computer protection method, they cannot fully protect the computer from computer viruses or malicious software. The next session of this review is considered about what are the types of Malware and how they infected to computer system. key out1 parvenuepagesectionTypes of malwareThere is no standard method to catego rize viruses into various types. But when we consider current situation of computer viruses in the world we can basically declare types of malware as follows,begin full pointise situation Trojanitem Wormsitem VirusesendretellsubsectionTrojanTrojan viruses do not reproduce in the computer but after a Trojan virus enters into the computer they just allow the outside persons to read the files reside in the computer. Usually Trojans steal passwords and send e-mails to hackers. Then the hacker will get the dominate of the users account. cite2subsectionWormsWorms are kind of computer viruses copy and spread over the computer networks. It does not need a host to spread. Once they multiplied in a computer, the copied viruses scan the network for further multiplying and spreading via the network.cite2subsectionVirusesComputer viruses are a program, a block of executable code which attaches itself to. It overwrites or replaces some(a) code of computer program without knowing of computer use r. A virus always needs a host program to reside. The virus is in its idle state till the host program it resides executes. When the host program executes the bock of code of the virus also executes and searches for another location which it can infect. The computer viruses can be categorized into number of categories like Resident Viruses, Direct Action Viruses, Overwrite Viruses, Boot Viruses, Macro Viruses, Directory Viruses, Polymorphic Viruses, File Infectors, Companion Viruses, plank Viruses. cite2begin numerateitem Resident Viruses Permanent viruses reside in the RAMitem Direct Action Viruses This type of virus spreads and does its work when it is executing.item Overwrite Viruses These viruses delete the content of the files reside in the computer.item Boot Viruses This kind of virus infects to a boot sector of the unwaveringly drive or floppy. A boot virus can be infected to the boot sector of the computer by booting the computer from an infected floppy disk.item Dire ctory Viruses These viruses change the path of a file.item Polymorphic Viruses These are encrypting their own code with different algorithms every time they enter into a system.item File Infectors Infect programs or executable files. They infect to a file when the program attached to it executes.item Companion Viruses These are working like resident physician viruses or direct work on viruses.item FAT Viruses These infect to the file allocation table.item Macro Viruses This kind of virus infects to the files that have created using programs that check over macros. Currently most of the times they are affecting to Word 6, WordBasic and Excel as macros are created by WordBasic. In the present situation of the computer viruses, 15 percent of the viruses are macro viruses. On daily basis macro viruses are created by the computer users in their machines. New macro viruses are creating overdue to corruption, mating and conversion. Macro viruses are the most destructive kind of a virus. approximately of the traditional anti virus programs are unable to detect those raw macro viruses. cite2enditemizenewpagesectionHow Viruses affect and infect to the systembeginfigurehparincludegraphicsbb =0 0 snow 325 virus.pngcaptionMalware Detected by Year cite10parendfigureIf the virus generation speed is greater than its death rate, a virus can easily spread within a short period of time. Figure1 images how Malware spread with time. All the computer viruses do not activate at the time they enter into the computer. But sometimes they activate after some period of entering it into the personal computer or computer system. Some of them will never activate and some will activate and do harm to the files in the system or change the content of the files, format the hard disk, show a picture in the background.beginsloppyparendsloppyparThere are lots of ways which a virus can enter into a computer. Most of the time, they spread and enter into a new computer through a compute r network. With a removable media, it is possible to spread a virus. By downloading some games or software through a weather vane site, a virus can enter into a new system. In the past there was a guarantee that the web sites do not take on viruses. But in the present situation, there is no guarantee that the web sites do not contain viruses.beginsloppyparendsloppyparTrapdoor is another common way of entering a virus into a system. Trapdoors are sometimes created by the programmers who developed the software to fend off going through the security procedure or avoid entering passwords during the period of time the system or software is developed. As a trapdoor is a way to enter into a system without entering a password, a virus can easily enter into a system through a trapdoor.beginsloppyparendsloppyparIf have the attention to the new computer viruses, the code of some newly created computer viruses are encrypted so that the anti virus software cannot catch them. cite3sectionProte ction from computer virusesTo spread a virus from one computer to another, it should have the permission or ability to execute its code and do some modifications or completely delete the files other than the file the virus currently residing. According to those facts, protection from computer viruses mode prevent the computer virus from copying it self to another location, the computer virus does not contain or avoid modifying or deleting the other files the computer virus does not reside.beginsloppyparendsloppyparIf the content of a file has modified or edited without knowledge of the user, the user can suspect that a virus has been infected to the computer. Other than that when a virus has attacked a system, sometimes the performance of the computer can be reduced, various error messages are displayed or use some storage space from disk drives unexpectedly.beginsloppyparendsloppyparWorms normally rise addresses to spread and they capture the addresses in three ways. Wormsbeginit emizeitem Randomly generate addressesitem Find addresses in system tablesitem Find addresses in a programenditemizeProtection against worms can include,beginitemizeitem Put passwords that cannot easily guess.item Remove some processes which reveal the secured data in the system.item Apply some solutions to the bugs.enditemizeAs worms are rapidly spread over networks and they are trying to overload the networks, protecting from worms include monitoring network activities and do isolation and deactivation of some parts of the network.beginsloppyparendsloppyparWhen it comes to protecting computers from viruses, the simplest things the user can do is always backup the data reside in the computer. But it is not a proper solution to deal with the computer viruses. As most of the computer users are now aware of the computer viruses they control write privilege to computer programs. aft(prenominal) infecting a virus to a program since it changes the content of the file, there are some kind of software that can be used to check the content for irregular changes in its content. cite4,12sectionAnti virus software programsWhen protecting a computer from computer viruses with the help of an anti virus program, the service providers of those anti virus programs are providing their service to its clients in number of different ways. Some of the vendors or anti virus software are waiting for a request from a user for their product. After the client or the user requests, the service provider provides their service to the user. another(prenominal) kind of anti virus vendor automatically downloads and installs their product into clients machine without the knowledge of the user. Some of the vendors are sending emails to the computer users mentioning the availability of their product. However some of those above mentioned ways have some ethically not relevant procedures.beginsloppyparendsloppyparThough thousands of anti virus programs, designed by programmers are there to detect computer viruses, they cannot play a perfect role in detecting computer viruses. More viruses are written for a new platform is the reason for that. To detect those new viruses, new detection technologies should be invented. There are number of computer virus detection methods.beginsloppyparendsloppyparOver some years ago, only the cognise viruses could be detected by anti virus programs. What those anti virus programs did were, selecting a string from know viruses and when a scan for viruses is started, anti virus program searches for files include that string and detect that file as an infected file. This method of detecting computer viruses looked only for static characteristics of known computer viruses. But as thousands of computer viruses are creating within a year, the industry people started to create anti virus programs that are detecting unknown computer viruses too. These methods are called heuristic method.beginsloppyparendsloppyparAs computer virus infection has becom e a huge threats to who owns a computer and who uses computers. Most of the computer users are today getting the service of an anti virus program to detect malicious software or computer viruses. acquiring use of an anti virus software is the most secured and popular way to protect the computers from malicious software. Anti virus programs identify the malicious software in two main approaches.beginitemizeitem They use a string matching approach to identify previously known viruses or malicious software.item The second method the anti virus programs use is capturing abnormal behaviors of any computer program running on the computer.enditemizebeginsloppyparendsloppyparIn string matching approach, the anti virus programs are getting use of a virus dictionary which contains the codes of previously known viruses. When an anti virus program starts to scan a file it refers to the virus dictionary and when it finds a block of code in the scanned file which also include in the virus diction ary, it quickly takes an action against the funny file. cite5beginsloppyparendsloppyparIf an anti virus program uses capturing abnormal or suspicious behaviors, it monitors the behavior of the file which is scanning and if the file behaves abnormally the anti virus program detect the file as infected file an take an action against that. By using this method, the new viruses can also be detected. cite5subsectionThe problem in virus dictionary methodAs virus creators are now aware of virus detection methods, they are now writing the viruses so that the codes of the virus as encrypted codes when it is in a program. otherwise they write the virus programs so that the code of itself doesnt look same as the real code of it. Because of those two reasons, the anti virus program cannot detect the infected file by matching the strings using the virus dictionary. The other problem of this method is it cannot detect a new virus which doesnt contain in the virus dictionary.subsectionThe proble ms of detecting a virus by its behaviorAs this method is searching for a suspicious behavior of the file that is world scanning, a files that shows abnormal behavior which has not been attacked by a virus or malicious software can also be detected as an infected file by the anti virus program. If the user gets an action against that file sometimes that non infected file can also be deleted. So modern anti virus programs do not use this approach to detect a virus.There are some fake anti virus software which do not clean or protect the computers. These fake anti virus software come with names which are similar to other real anti virus software. When a user sees such a fake anti virus software the user feels that this ant virus software is a real one and then he install than fake anti virus software into the computer. After installing that fake one in the computer, it displays fake messages saying there are some viruses in the computer and to transport it from the computer pay some amount of money. As these kinds of fake anti virus software are there with only the aim of earning money, the computer users must aware of that kind of fake anti virus software too.beginsloppyparendsloppyparAlthough there are so many anti virus software to detect computer viruses, the latest computer viruses cannot easily be caught by even the latest anti virus software programs as the code of virus is encrypted. What the virus creators do to hide the source code of the virus is encrypting the code of the virus and sends it to the computers. So the anti virus software cannot easily understand the code and they cannot catch that file as a suspicious file. Some virus creators encrypt the code and keep the key to decrypt in another file to make it more difficult for the anti virus software to find the virus. But adept anti virus software, which have used good algorithms, should be able to detect those computer viruses too. cite6,7subsectionMost certain anti virus software cite11begin itemizeitem BitDefender Antivirus 2010 BitDefender is using advanced heuristic detection method and provides protection against online viruses, spyware,phishing scams and more. This provides protection by scanning web, IM and emails and this is capable of encrypting the IM s too. One of the new features BitDefender looking for is Active Virus Control which monitor the behavior of a file continuously. cite13item Kaspersky Anti-Virus 2010 Provides protection from viruses, Trojans, bots, worms and spyware. The interfaces and tools used are advanced but this provides agreat protection against most of the real threats. cite14item Webroot AntiVirus with SpySweeper 2010 This is a screen background anti virus package and protect the computer from viruses,trojans,worms and other number of malware. This catches the malware before the malware does any harm to the computer. cite15item Norton AntiVirus 2010 Uses signature ground protection. However provides a new features like the proactiv e reputation scanning. But uninstalling the software might cause some problems as its partial uninstallation. cite16item ESET Nod32 Antivirus 4 Kind of setting anti virus software. But this doesnt provide a complete security and misses some protection. This is not in the arguing with other anti virus software. cite17item AVG Anti-Virus 9 Includes antivirus and antispyware protection. provides complette protection from harmful downloads and web cites. cite18item F-Secure Anti-Virus 2010 Great desktop anti virus. Has one of the most effective scan procedure and test results are shown to prove that. When installing this anti virus software, it has been automatically configured to remove the other anti virus software installed to the computer. cite19item G DATA AntiVirus 2011 Uses two distinct antivirus scanning engines, behavioral/heuristic protection, and even self-learning fingerprinting.This provides protection against malware spreading via emails and IM. The types of malware which are detected by this anti virus software are,phishing scams, dialers, adware, malicious scripts, Trojans, rootkits and worms. cite20enditemizesectionGetting use of a firewallThe firewall is a kind of a program design to protect the computer from harmful things that are climax from the internet. Firewalls are divided into two categories as hardware firewall and software firewall.beginsloppyparendsloppyparHardware firewalls are some kind of small hardware which can control the data coming from multiple computer systems. Software firewalls are kind of software that have the ability to block suspicious data coming to the computer from the internet. So to protect the computer from viruses and other kind of malicious software a software firewall and hardware firewall can be use. cite5sectionBest practices to protect the computer from computer virusesThough there are thousands of anti virus software are there, the computer users are also having the responsibility of protecting the co mputer when using the computer. They have to follow some best practices when they use a computer.beginitemizeitem Although the computer user is the owner of the computer he should not always log into the computer with the administrator privileges. If they log into the computer as a normal user, some kinds of viruses will not be able to enter into the computer.item A computer user should avoid from installing some anti virus software or some other software in some other persons computer.item As some viruses are coming with email attachments, when opening emails it is good to not to open emails from unknown addresses.item When downloading and installing anti virus software, download a recommended anti virus software.enditemizenewpagesectionConclusionAccording to the researchers, each and everyday over 200 computer viruses which can destroy a whole computer system within a few seconds are released by the computer virus creators. The worst thing that result an inflection is loosing data the reside in the computer.beginsloppyparendsloppyparMost of the time, these kind of destructions happen because of the lack of awareness of the computer users about the computer viruses. To mitigate the risk of infecting a computer virus to a users computer, the main thing we can do is make the computer users aware about the computer viruses, risks of infecting a computer virus and avoiding from computer viruses.beginsloppyparendsloppyparThe people who have an idea about computer viruses most of the time trust anti virus programs. But just installing an anti virus software is not enough to protect the computer from computer viruses. The computer users also have the responsibility to protect the computer from computer viruses. As most of the time the computer viruses can come with the e-mail attachments, the e-mails from unknown addresses should not be opened. When downloading something from a web site the users should use only the trusted web sites and recommended software. But no w there are nothing called trusted web sites. Even the software downloaded from Microsofts web site may contain viruses. Some viruses cannot enter into the computer if the user is logging into the computer with user privilege. So it is good to normally log into the computer with the user privilege.As viruses attack only the executable files, the write permission to those files can be restricted.beginsloppyparendsloppyparAfter installing an anti virus software program in a computer,to get the best protection from that anti virus, keeping it up to date is more important. But though there is an anti virus program installed in the computer, when plugging external removable devices into the computer, it should be scanned.beginsloppyparendsloppyparBut the final end which can come through this review is that though there are many protection methods,that are available in the world, a computer user cannot be completely safe from the computer viruses. That means any of the computer protectio n methods is not perfect in protecting computers from computer malware.newpagebeginthebibliographywidest incomingbibitem1 Markus Hanhisalo,emphcomputer Viruses,Available athttp//www.tml.tkk.fi/Opinnot/Tik-110.501/1997/viruses.html 1.Introduction% 20to% 20Computer% 20Virusesbibitem2 Top Bits,2010, http//www.topbits.com/types-of-computer-viruses.htmlbibitem3 McAfee,emphAn Introduction to Computer Viruses and other Destructive Programs,Available at http//www.mcafee.com/common/media/vil/pdf/av_white.pdfbibitem4 Stanley A. Kurzban, emphDefending against viruses and worms,Available athttp//portal.acm.org/citation.cfm?id=68697bibitem5 emphHow AntiVirus Works,Available athttp//www.antivirusware.com/articles/how-anti-virus-works.htmbibitem6 emphHow does anti-virus software work?,Available athttp//www.antivirusworld.com/articles/antivirus.phpbibitem7 emphHow Antivirus Software Detect Computer Viruses,Available athttp//security-antivirus-software.suite101.com/article.cfm/how-antivirus-softwar e-detebibitem8 emphWhat Is A Computer Virus? An Introduction To Computer Viruses,Available athttp//www.computertipsfree.com/computer-tips/security-tips/what-is-a-computer-virus-an-introduction-to-computer-viruses/bibitem9 http//www.washington.edu/itconnect/security/tools/bibitem10 Tech Bitz, http//tech-bitz.com/2008/04/05/virus-and-spyware-threat-is-larger-than-ever-before-anti-virus-companies-struggle-to-keep-up-with-flood-of-spyware/bibitem11 emphAntiVirus Software Review ,http//anti-virus-software-review.toptenreviews.com/bibitem12 Charles P. Pfleeger,Shari Lawrence Pfleeger emphSecurity in deliberation (4th Edition) bibitem13 emphBitDefender AntiVirus Review ,http//anti-virus-software-review.toptenreviews.com/bitdefender-review.htmlbibitem14 emphKaspersky Anti-Virus 2010 ,http//anti-virus-software-review.toptenreviews.com/kaspersky-review.htmlbibitem15 emphWebroot AntiVirus with SpySweeper Review ,http//anti-virus-software-review.toptenreviews.com/webroot-antivirus-review.htmlb ibitem16 emphNorton AntiVirus 2010 ,http//anti-virus-software-review.toptenreviews.com/norton-review.htmlbibitem17 emphTrend Micro AntiVirus + AntiSpyware ,http//anti-virus-software-review.toptenreviews.com/pc-cillin-review.htmlbibitem18 emphAVG Anti-Virus 9 ,http//anti-virus-software-review.toptenreviews.com/avg-review.htmlbibitem19 emphF-Secure Anti-Virus Review ,http//anti-virus-software-review.toptenreviews.com/f-secure-review.htmlbibitem20 emphG DATA AntiVirus 2011 ,http//anti-virus-software-review.toptenreviews.com/antiviruskit-review.htmlendthebibliographyenddocument