VIRUS Full Form Name
Full Form of Computer VIRUS :
Vital Information Resources Under Siege
VIRUS Full Form is
Vital Information Resources Under Siege. VIRUS is a software
designed to duplicate itself and this is done by replicating itself into
various programs that are stored in the computer. Most often it creates a
negative effect like corrupting the programs and functionalities of them as
well as the data stored in the memory of the computer.
Man creates every VIRUS that
affects a computer. It is quite easy to create a simple virus which duplicates
itself multiple times.Though it appears simple it can cause high damages to the
system. On the other hand, complicated VIRUS programs have the capability to
transmit across various networks and bypass security systems.
It was in 1987 when one of these
VIRUSES damaged ARPANET (which was a huge network utilized by several
universities and defense departments) that several anti virus programs started
appearing in the market. Currently, most systems are equipped with adequate
anti-virus tools to conduct periodic checks of the computer to the commonly
known virus programs.
VIRUS Full Form – Additional Information
The progress of the digital world
has picked up incredible pace since last few decades, especially with the
advent of computers. Without computers, one can hardly imagine life. Almost
everything we do seem to have some or the other connection with the digital
world. The world has switched to computers that provide mechanisms that are
more convenient.
When computer was first invented,
no one could have imagined that in future different varieties of computers
would occupy the households, open cafes, business cabins, and other places. No
one could have imagined that human beings would become so dependent upon these
machines that almost everything in their lives would have some or other thing
to do with them. Because of the incredible dependency of humans on computers,
computer engineers have been working hard to come up with better advancements
to improve the services.
These computer engineers have big
tasks to achieve and they are the tasks to protect the internal mechanism of
computer systems, the database stored in them, and interests of the consumers.
They now face the biggest challenge from tech-savvy miscreants who dispatch
numerous computer viruses that posses the capability to destroy the functioning
systems of the computers and render them useless.
A computer virus, or popularly
known as virus, refers to the biggest problem to the security of computer
systems. It refers to a malware program, which functions like viruses affecting
human body. This program the has the tendency to replicate by inserting its own
copies into computer programs, files, or the boot sector of the hard drive.
This replication happens when the virus is successfully executed. As soon as the
virus conducts replication successfully, the files affected by it are referred
to as “infected” areas.
Like a virus weakens or destroys
the immunity system of a human body similarly a computer virus has the
capability to reduce the performance of or destroy the computer system. It can
cause stealing of hard disk space, accessing personal information stored on the
computer database, displaying comical messages on the computer screen, showing
explicit advertisements on the screen, sending spam, etc. Many computer viruses
have the feature of installing themselves on the target computer system without
the consent of the computer user. This feature is not common among all viruses.
The operating system most affected by viruses is the Microsoft Windows.
It is often asked why anyone
would want to create viruses and transmit them to various computer systems.
Well, the most common reasons for the deliberate creation of viruses are profit
making, stealing personal information, carrying out a political agenda, etc.
Many cases have come where viruses were created as a matter of time pass and
entertainment. Whatever the reason may be, a computer virus has caused great
economic losses of more than billions because it results in the dysfunctional
computer system, malfunctioned features, squandering of money, corruption of
database, etc. Although there are many free ant-virus softwares available for
detection and elimination of computer virus, the loss is still huge because
many of these antivirus softwares are unable to detect all the viruses hidden
in the system.
Computer virus is a serious
concern to computer engineers as well as consumers. There are many aspects of
computer virus which must be known to people because they affect a vital object
of your life, computer. This article will deal with ten points of information
about the computer virus that everyone must know.
Historical facts about Computer VIRUS:
To begin with this topic, let us
explore some historical facts about the computer virus. It is important to know
where all this started and how it all started.
The first virus was detected on
ARPANET, the predecessor of the Internet, during the 1970s. The virus was
termed the “Creeper Virus”. It would be interesting to note that this virus was
made on an experimental basis for the purpose of infecting DEC PDP-10 computers
that functioned on TENEX Operating Systems. The virus was written by Bob
Thomas. The Creeper virus, when successfully executed, would display a message
on the display screen: “I’m the creeper, catch me if you can!”
In the year 1982, another virus
known by the name Elk Cloner appeared. It was declared to be the first virus to
infect personal computers. The virus was written by Richard Skrenta, who
attached the virus with Apple DOS 3.3 operating system. The virus could spread
through a floppy disk.
Fred Cohen had published a paper
titled “Computer Viruses-Theory and Experiments” in the year 1984 that was the
first paper to expressly use the term ‘virus’. In his paper, he explained that
complete detection of all the computer viruses was not possible. It was Fred
Cohen, who came up with the concept of compression virus that talked about
viruses that he termed ‘benevolent’.
In the year 1992, Microsoft
Windows witnessed its first attack. The virus named Winvir was detected in
April month of the same year. The virus functioned with the help of DOS
interrupts. Eventually in the year 1995, the Boza group developed the VLAD
virus that came to be known as the first virus to attack Windows 95. Commodore
Amiga was the first known virus to have affected home computers.
Even social networking websites
could not remain untouched by the virus writers. Win32.5-0-1 is the first virus
to have been directed towards social networking websites. It targeted MSN
Messenger and Bulletin Boards. In this, the users of these sites would be asked
to click on a link given, which if clicked, would cause the virus to activate.
On activation, the user data will send to an unknown e-mail id. That e-mail id
was later found to belong to the writer of the virus, Matt Larose.
Vulnerability of Operating Systems:
Different operating systems are
differently vulnerable to viruses and thus differential factor often becomes
one of the determining points on whether or not to buy a particular operating
system.
As mentioned earlier, the most
commonly affected operating system is the Microsoft Windows. This is due to the
massive popularity of this operating system across the globe, which makes it
easier to distribute viruses. Operating systems like Linux, which are available
in the form of open source operating system, facilitate options to users to
choose from like desktop environments, packaging tools, etc and this limits the
effects of malicious program. In operating systems like Linux, the virus would
only affect limited number of users. Unlike Linux, the Microsoft Windows makes
use of same set of applications the that allows virus to impact larger number
of users.
Mac operating systems are
preferred over Microsoft Windows and other operating systems because of their
significant invulnerability to the virus. Records show that only a few viruses
have been reported to affect Mac systems.
Another problem with Microsoft
Windows is that it allows users greater freedom in making alterations in the
operating system environment and many of these alterations can be easily done
without any permissions. This feature is not available in operating systems
like UNIX and Linux that do not enable users to make changes to the system’s
environment without permission. Ease in making changes allows viruses to gain
control over the operating system.
Social Engineering and other practices:
Before a virus could affect the
system, it must be allowed to successfully execute a code and write it to
memory. That is why often viruses would cling to executable files, which when
launched would cause the execution of the virus code.
Many operating systems like
Windows often makes use of file extensions that help in ascertaining the
category of file. Many of these extensions are not visible to users and because
of that, viruses take advantage. Viruses are able to create files extensions
that seem different to users. Let us take up an example for clear
understanding. Suppose an executable file is created with name abcd.png,exe.
The user might believe it to be a file is an image. Thus, virus writers
undertake many practices that can expose vulnerabilities in operating systems.
Resident and non-resident Computer Viruses:
Of all kinds of viruses,
resident, and non-resident viruses need to be specially discussed as they lay
down broad distinctions between different kinds of computer viruses.
A memory-resident virus, also
known as a resident virus, undergoes automatic installation meaning that the
virus will be installed the moment the code is executed. After installation,
the virus remains in the RAM (Random Access Memory) throughout the time the
computer is booted and until it is shut down. These viruses attempt to
intercept the access to a target file and redirect the control flow to the replication
module. This way these viruses are able to infect the system.
On the other side, we have a
non-memory-resident virus, also known as a non-resident virus. These viruses
function quite differently from resident viruses. On being executed, the virus
will undertake scanning of the disk to look for targets, infect them, and then
leave the memory.
Macro Viruses:
Another category of viruses is
Macro Viruses. Applications like Microsoft Outlook and Microsoft Word
facilitate large-sized or macro programs into e-mails and documents. This
facility enables automatic run of the programs when document or e-mail is
opened. A macro virus affects these applications.
A Macro virus, also known as
document virus, is a virus that is scripted in the macro language. -These viruses
are inputted into these documents or e-mail, which when opened cause execution
of the virus code and then, infection of the computer system. It is therefore
advised that unwanted attachments or files should not be opened.
Read request intercepts:
The virus writers always keep in
their mind that the virus should be capable of avoiding detection and
therefore, they make use of many deception techniques to achieve the task.
These are called stealth mechanisms. One such method is read request intercepts.
When the antivirus software sends
a read request to the Windows Operating System, some viruses are able to fool
the antivirus software. They do so by intercepting its request to read infected
files to the operating system. What it does is simple: it intercepts the
request, handles the request itself, and provides the antivirus software with
an unaffected/uninfected file. This way the virus remains undetected by the
software.
This stealth strategy is achieved
with the help of code injection of the actual files of the operating system.
Code injection, for common knowledge, means misuse of a bug caused due to the
processing of invalid data. A person would “inject” a code into the system’s
programs and change the manner in which execution takes place.
There is a way to detect stealth.
One has to boot from a medium that is supposedly clean. Then, the antivirus
software can be employed to scan the unused or inactive files on the operating
system. These softwares also detect stealth through virus signatures.
Self Modification:
As mentioned earlier, stealth
mechanism is necessarily implanted into viruses so that they are able to avoid
detection from antivirus softwares. We have already dealt with read request
intercept as one of the methods employed to evade detection; we shall now
discuss modes of self-modification that viruses employ to secure stealth mode.
There can be many ways in which
viruses can achieve evasion through self-modification. One such method is
encryption. Encryption is one method to avoid detection of virus signatures.
This type of encryption leaves only the encrypted module and cryptographic key.
Many viruses may undertake encryption within an executable under exceptional
circumstances for example, when the antivirus software is updating or when the
computer has been rebooted. This method of encryption is known as
Cryptovirology. In this, the virus may even posses the capability to disable
the antivirus software.
Let us discuss Polymorphic Code
that needs special mention. It needs special mention because it was the first
evasion technique adopted that raised serious concerns about the effectiveness
of antivirus softwares. In this method, the virus causes infection of the files
with the help of an encrypted copy of its own self. This encrypted copy is
decrypted by a decryption module, which is altered by every infection caused.
This alteration or modification, whatever you may call it, causes none of the
parts of the virus to remain identical, making it easier to evade antivirus
detection.
Another technique to avoid
detection is metamorphic code. In this type of method, many viruses would
undertake rewriting of themselves each time they infect files. Such viruses are
commonly known as metamorphic. These types of viruses are difficult to create,
as they are large and more complex than other viruses’ forms. To employ this
technique, it is essential that there is a metamorphic engine.
Antivirus Software:
One of the pre-emptive measures
taken to protect the operating system from viruses is antivirus software. It is
a common practice to download antivirus software that has the ability to
significantly detect and destroy viruses from the operating system whenever the
computer downloads or runs an executable. Nowadays there are many antivirus
softwares that block websites containing malwares. In order to have their
scanner function properly, it is important that the software is regularly
updated to “patch security vulnerabilities”.
There are many antivirus software
in the market, offering various features to the users. Some of the softwares
for Windows operating systems are Microsoft Security Essentials, the Windows
Malicious Software Removal Tool, Windows Defender. There are also free programs
available like Secunia PSI.
Antivirus softwares make use of two
methods to detect viruses. The first method is virus signatures, which is also
the most common method of detection. It compares database on the system with a
list of virus signature definitions. The only issue with this method is that it
can only detect viruses with signatures. The second method of detection is a
heuristic algorithm. This method detects viruses whose signature is not updated
in the software.
Computer Virus and Internet:
There is a strong connection
between virus and internet. Before the Internet happened, the viruses were
usually transmitted by means of floppy disks, CD-ROMs, etc. However, with the
increase in use of personal computers, of Bulletin Board System (BBS), of
modems, and of softwares, Trojan Horse programs were easily transmitted. With
time, internet became a hotspot for the transmission of viruses. In the year
2002, the cross-scripting technique surfaced. In this technique, the attackers
are able to inject virus code into a webpages accessed by other users. It is
often used to avoid access controls. This technique has specially affected
websites like MySpace and Yahoo!
Recovery Methods:
It is not always possible to
prevent virus attacks but the damage caused can be contained. In order to avoid
excessive damage, one must ensure backup of data on media that is not connected
with the system or otherwise the media would also be affected. It is better if
the media is read only or operates different file systems. When a CD-ROM or DVD
is used for backup and the back-up session closes, it becomes read-only and
therefore, invulnerable to viruses unless of course an infected filed is copied
into the CD/DVD.
Another method is the
reinstallation of operating system. On successful reinstallation, applications
should be freshly downloaded and necessary precautions should be taken to
prevent infection from restored executable files.