Title: Computer Virus and Prevention

In recent years, through the transmission of e-mail, the virus has become the biggest hazard to the development of the network industry. Over the past few years, a wide range of viruses have been spread through the internet. As the internet is becoming a global tool, the virus is also becoming a global troublemaker and system killer. Compared with traditional viruses, the viruses spread through the network, especially by e-mail, show faster speed and more powerful lethality. On the basis of analyzing the characteristics of the computer virus in the information technology age, effective ways of preventing viruses will be discussed.

1 The Generation of Computer Virus

The generation of the computer virus is the inevitable product of the development of computer technology and of computer-based social information development reaching a certain stage. The background is:

1.1 What is computer virus?

Computer virus is a new form of high technology crime, which is instantaneous, dynamic and random. It is essentially difficult to obtain evidence, and it can damage the computer dramatically. Because it has small risk and huge damage, it stimulates criminal intent and criminal activity. It reflects some people’s mischievous and retaliatory mindset in the field of computer application.

1.2 Technical reason

The technical reason is the vulnerability of the software and hardware of the modern computer.
The software could be easily deleted or rewritten. And the manual way of designing computer software is inefficient and not secure, due to its long production cycle. Designers have no way to know whether there is any mistake in the program before the program is in operation. The mistake can be corrected only in operation.
Designers have no idea how many errors and defects are hidden in the program. Those vulnerabilities provide a tunnel for the invasion of the virus.

1.3 Environment

The popularization of computers is the necessary environment for the generation of computer viruses. The hardware of most modern computers is simple, and the operating system is highly transparent. Due to the lack of security, more and more users are able to understand clearly the shortcomings of the computer. They can make different attack choices based on different purposes.

2 Properties of computer virus

A computer virus can be hidden in a computer storage medium (the hard drive) or in a program. When a certain condition is met, the computer virus is activated by some program, or instructed remotely, to destroy computer resources. The computer virus is a small program, but it differs from ordinary computer programs in some unique characteristics.

2.1 Parasitism: a computer virus is parasitic in another program. When this program is executed, the virus begins to destroy; however, it is not easy to detect before it starts.

2.2 Infectivity: a computer virus can not only destroy, but also infect. The infection speed is hard to contain once the virus is produced and duplicated. In the biological world, viruses spread from one organism to another through infection. Under appropriate conditions, a virus can reproduce in large quantities and will make the infected organisms show illness or even death.
Similarly, computer viruses spread from infected computers to non-infected computers through various channels. In some cases, the infected computers will be in disorder or even paralyzed. Unlike the biological virus, a computer virus is a piece of human-written computer program that can be transferred to other computers. Once the program is executed, it searches for other programs or storage media that meet its conditions for infection. It determines the target and then inserts its own code into another program to achieve the purpose of self-reproduction. If a computer is infected and is not treated in time, the virus will spread quickly on this machine, and a large number of files (usually executable files) will be infected.
The infected documents become a new source of infection; when they infect other machines or reach them through the network, the virus continues to spread. Normal computer programs generally do not attach their own code to other programs. The virus can force its own code to infect all non-infected programs. Computer viruses can infect other computers through various possible channels, such as USB and computer networks. When a computer virus is found on a machine, the carrier that was used to transfer files is also infected. Other computers that are in the same network as the infected computer may be infected by the virus, too. Whether it is contagious or not is the most important condition for judging whether a program is a computer virus.

2.3 Latency: some viruses are pre-designed to attack at a certain time, just like a time bomb. For example, the Black Friday virus can’t be detected at any time before the scheduled time. When a certain condition is met, it will explode at once and destroy the system. An elaborate computer virus program will not break out at the moment it enters the operating system. It can be hidden in legitimate documents for a few weeks, months, or even a few years.
It will start to infect the system, and it will not be found easily. The better the latency, the longer the computer virus will exist in the system, and the greater the scope of infection. The first aspect of latency is its crypticity. A computer virus program will not be found without a professional detection program. The virus can quietly hide on disks or carriers for several days or even years. The virus will operate and continue to breed, spread and do harm when it gets the opportunity. The second aspect of latency is that there is usually an internal trigger mechanism in the computer virus. When the trigger condition is not met, the computer virus stays dormant apart from infecting.
Once the trigger condition is satisfied, some computer viruses will display information, graphics or special marks on the screen; others perform operations that destroy the system, such as formatting disks, deleting disk files, encrypting data files, blocking keyboards, and locking the system.

2.4 Hidden: a computer virus has strong concealment. Some viruses can be detected by anti-virus software, others cannot be found at all. Those viruses are usually difficult to deal with.

2.5 Destructiveness: when a computer is infected by a computer virus, it may not be able to run software normally. Files might be deleted or damaged to varying degrees.

2.6 Triggering: when a computer virus starts to carry out infection or attack because of the occurrence of an event or value, this is called triggering. In order to conceal itself, the virus must lurk. If the computer virus is completely inactive and lurking, it can neither infect nor destroy. The virus needs to be able to hide and keep its destructive power as well.
Therefore, it must know when to switch its status. The triggering mechanism of a virus is used to control the frequency of infection and destruction. The virus has a predetermined trigger condition, which may be a time, date, file type, or certain data. When the virus is running, the trigger mechanism checks whether the predetermined conditions are met.
If the condition is satisfied, it will start the infection or destruction action. If the condition is not satisfied, the virus will continue to lurk.

3 The most common computer viruses and their forms at present (for Windows only)

3.1 System virus: prefix: Win32, PE, W32, etc. These viruses can generally infect the *.exe and *.dll files of the Windows operating system and spread through these files.

3.1.1 ?Bi???Parasite.Bi?

3.2 Worm virus, prefix: Worm. The virus is transmitted through network or system vulnerabilities, and most worm viruses are sent out by email.
It can block the internet.

3.3 Trojan virus, hacker virus. The prefix of the Trojan virus is Trojan, and the hacker virus prefix is generally Hack. The common characteristic of Trojan viruses is to enter the user’s system through network or system vulnerabilities and hide.
The Trojan will then disclose the user’s information to the outside world. The hacker has a visual interface to control the user’s computer remotely. Trojan horses and hacker viruses often appear in pairs; that is, the Trojan horse is responsible for intruding into the user’s computer, and the hacker virus will be controlled through the Trojan virus.
Now these two types are becoming more and more integrated.

3.4 Bundled machine virus, prefix: Binder. The common property of this kind of virus is that the virus is bundled with some applications that are available on the internet. It looks like a normal file. When the user runs the program, the bundled virus is activated and begins to do damage.

4 Computer Virus Precaution Strategy

The most important hardware and software entities in the computer network are servers and workstations. Therefore, the server and the workstation should be considered first for prevention and control of computer network viruses. On the other hand, strengthening comprehensive control is also important.
The network server is the center of the computer network, and it is the backbone of the network. One of the important signs of network paralysis is the paralysis of the network server. Once the network server is knocked down, the loss is catastrophic, irretrievable, and inestimable.

4.1 Prevention of local area network virus: virus prevention has become a very important part of the daily management of the local area network (LAN) in a company, because of the huge number of computers in the LAN and the users’ differing levels of anti-virus awareness. Therefore, the prevention of computer viruses should cover the following aspects:

4.1.1 It is essential to select an anti-virus software application and update the virus database.

4.1.2 Install all kinds of patches; timely installation of patches is also very important.

4.1.3 Standardize the use of electronic mail.

4.1.4 Back up work and data.
To a company, the most important part should be the files and data in storage.

4.1.5 Isolate the infected computer.

4.2 Prevention on the user end

4.2.1 Pay attention to mail attachments as much as possible.

4.2.2 Always have a set of anti-virus software installed.

4.2.3 Pre-scan any attachment before opening it.

4.2.4 Pay attention to the file extension. Windows allows users to use multiple extensions when naming files, but many e-mail programs display only the first extension.
This will camouflage the virus.

4.2.5 Do not run unknown programs.

4.2.6 Never blindly forward any email.

4.2.7 Block system vulnerabilities. Many network viruses are now spread through vulnerabilities in Microsoft’s IE and Outlook.

4.2.8 Don’t accept documents casually. Try not to accept files from strangers in online chat systems, such as Skype or Facebook.

4.2.9 Enable automatic virus checking, to ensure that the computer automatically checks inserted plug and play media, as well as e-mail and internet files.

4.3 Computer network security strategy

4.3.1 Access control: most of the programs installed in the Windows 10 operating system require certain administrative authority to be used.
A company could take advantage of this and keep unnecessary people from touching certain programs, thus lowering the probability of the program being infected and damaged by a computer virus. When needed, the company could assign temporary administrative authority to access the program. When users get the permission, they can log in to Windows 10 with their identities, then right-click the setup file while pressing and holding the Shift key on the keyboard, and choose, from the shortcut menu that then appears, the run mode with the corresponding management authority. Finally they will be required to enter the username and password in the pop-up window.

4.3.2 Information encryption strategy: the purpose of encrypting information is to protect the data, files, passwords, and control information in the network, and thus protect the data transmitted on the internet. There are three common methods of network encryption: link encryption, endpoint encryption and node encryption. The purpose of link encryption is to protect link information security between network nodes.
The purpose of end-to-end encryption is to protect data from users to destination ends, and the purpose of node encryption is to provide protection for transmission links between source nodes and destination nodes. The user can choose among the above encryption methods according to the network situation.
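
The file-extension check from item 4.2.4 can be automated on a mail gateway or by a user before opening an attachment. The following is an added example, not part of the original article; the extension lists, function names and sample file names are assumptions constructed for illustration.

```python
import os

# Assumed lists for illustration; adjust them to local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js", ".lnk"}
DECOY_EXTS = {".txt", ".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".zip"}

def split_extensions(filename):
    """Return every extension in the name, lower-cased, left to right."""
    # Win32 path handling drops trailing dots and spaces, so strip them first.
    name = os.path.basename(filename.replace("\\", "/")).rstrip(". ")
    parts = name.split(".")
    # parts[0] is the stem; padding spaces around an extension are ignored.
    return ["." + p.strip().lower() for p in parts[1:] if p.strip()]

def check_attachment(filename):
    """Classify an attachment name as 'double-extension', 'executable' or 'ok'."""
    exts = split_extensions(filename)
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # The last extension decides how Windows opens the file; an earlier
    # document-like extension is the camouflage described in 4.2.4.
    if any(e in DECOY_EXTS for e in exts[:-1]):
        return "double-extension"
    return "executable"

def triage(filenames):
    """Return (name, verdict) for every attachment that is not 'ok'."""
    flagged = []
    for name in filenames:
        verdict = check_attachment(name)
        if verdict != "ok":
            flagged.append((name, verdict))
    return flagged

# Constructed sample attachment names, not taken from real mail.
SAMPLE_NAMES = [
    "report.final.pdf",
    "invoice.pdf.exe",
    "photo.jpg      .scr",
    "setup.exe",
    "notes.txt.vbs. ",
    "archive.tar.gz",
]

if __name__ == "__main__":
    for name, verdict in triage(SAMPLE_NAMES):
        print(f"{verdict:17} {name!r}")
```

A name flagged as `double-extension` should be quarantined or shown to the user with its full name, including the last extension, before it is opened.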