Computer virus and Prevention
recent years, through the transmission of e-mail, virus has become
the biggest hazard to the development of the network industry. Since the past
few years, a wide range of viruses have been spread through internet. As the
internet is becoming a global tool, the virus is also becoming a global trouble
maker, and system killer. Compared with the traditional virus, the viruses
spread through the network, especially the e-mail, shows faster speed and more
powerful lethality. On the basis of
analyzing the characteristic of the computer virus in the information
technology age, the effective way of preventing virus will be discussed.
1 The Generation of Computer Virus
The generation of computer virus is the inevitable
product of the development of computer technology and the process of computer
based social information development to a certain stage. The background is:
is computer virus?
Computer virus is a new form of high technology crime,
which is instantaneous, dynamic and random. It is
essentially difficult to obtain evidence, and it can damage the computer
dramatically. Because it has small risk and huge damage, it irritates the crime
consciousness and criminal activity. It reflects some people’s mischievous and
retaliatory mindset in the field of computer application.
The technical reason is the vulnerability of the
software and hardware of the modern computer. The software could be easily
deleted or rewritten. And, the manual way to design the computer software is
inefficient and not secured, due to its long production cycle. Designer have no
way to know whether there is any mistake in the program before the program is
in operation. The mistake could be modified only in the operation. Designers
have no idea how many errors and defects are hidden in the program. Those
vulnerabilities provide a tunnel for the invasion of the virus.
The popularization of computers is the necessary
environment of the generation of computer virus. The hardware of most of the
modern computers is simple, and the operation system is highly transparent. Due
to the lack of security, more and more users are able to understand clearly the
shortcoming of the computer. They could make
different attack choices based on different purposes.
Properties of computer virus
Computer virus can be hidden in computer storage
medium (the hard drive) or program. When certain condition is qualified, the
computer virus is activated by some program, or instructed remotely to destroy
computer resources. The computer virus is a small program, but it is different
from the computer program with some unique characteristics
computer virus is parasitic in another program. When executing this program,
the virus will begin to destroy; however, it is not easy to be detected before
computer virus can not only destruct, but also infect. The infection speed is
hard to contain once the virus is produced and duplicated. In the biology
world, virus spread from one organism to another through infection. Under
appropriate conditions, it can be reproduced in large quantities, and wells
make the infected organisms show illness or even death. Similarly, computer
viruses will spread from infected computers to non-infected computers through
In some cases, the infected computers will be in disorder or even
paralyzed. Unlike the biological virus, a computer virus is a piece of human
generated computer program, that can be transferred to other computers. Once
the program is executed, it will search for other program or storage medium
containing infectious conditions. It will determine the target and them
insert its own code into another program
to achieve the purpose of self reproduction. If a computer is infected, if it
is not processed in time, the virus will spread quickly on this machine, and a
large number of files (usually executable files) will be infected. The infected
documents have become a new source of infection, and then infect other machines
or contact them through the network, the virus will continue to spread. Normal
computer programs generally do not connect their own code to other programs.
The virus can force its own code to infect all non-infected programs. Computer
viruses can infect other computers through various possible channels, such as USB,
and computer networks. When a computer virus is found on a machine, the carrier
that is used to transfer files is also infected. Other computers that are in the same network
as the infected computer may also be infected by the virus, too. Whether it is
contagious or not is the most important condition for judging whether a program
is a computer virus.
some viruses is pre-designed to make attack at certain time, just like a time
bomb. For example, the black Friday virus can’t be detected at any time before
the scheduled time. When certain condition is qualified, it will explode at
once and destroy the system. An elaborate computer virus program will not
outbreak at the moment it enters the operation system. It could be hidden in
legal documents in a few weeks, months, or even a few years. It will start to
infect the system, and it will not be found easily. The better the latent, the
longer the computer virus will exist in the system, and the greater the scope
of infection the virus will do. The first behaviour of latent refers to the its
crypticity. A computer virus program will not be found without certain
professional detection program. The virus could quietly hide in disk or
carriers for several days or even years. The virus will operate and continue to
bread, spread and harm when it get opportunity. The second behaviour of latency is that there
is usually a internal trigger mechanism in the computer virus. When it does not
meet the trigger condition, the computer virus will hibernate beside infecting.
Once the trigger condition is satisfied, some of the computer viruses will
display information, graphics or special marks on the screen, others perform
operations that destroy the system, such as formatting disk, deleting disk
files, encrypting data files, blocking keyboards, and locking the system.
computer virus has a strong concealment. Some of them can be checked out by
anti-virus software, others cannot be found at all. Those virus is usually difficult to deal with.
when a computer is
infected by the computer virus, it may not able to run the
software normally. The files might be deleted
or be damaged in varying degrees.
a computer virus, due to the occurrence of an event or value, starts to carry
out infection or attack is called triggering. In order to conceal, the virus
must lurk. If the computer virus is completely inactive and lurking, the virus
can neither infect nor destroy. The virus needs to be able to hide and keep its
power of destroy as well. Therefore, it must know when to switch its status.
The triggering mechanism of a virus is used to control the frequency of
infection and destruction. The virus has a predetermined trigger condition,
which may be time, date, file type, or certain data. When the virus is running,
the trigger mechanism checks whether the predetermined conditions are met. If the
condition is satisfied, it will start the infection or destruction action. If the
condition is not satisfied, the virus will continue to lurk.
The most common computer virus and their forms at
present (for Windows only)
virus: prefix: Win32, PE, W32, etc. These
viruses can generally infect the *.exe and *.dll files of the windows operating
system and spread through these files.
virus, prefix: Worm. The virus is transmitted through network or system
vulnerabilities, and most of the worm viruses are sent out with email. It could
block the internet.
virus, hacker virus. The prefix of the Trojan virus is Trojan, and the hacker
virus prefix is generally named Hack. The public character of Trojan virus is
to enter the user’s system through the network or system vulnerabilities and
hide itself. And then it will disclose the user’s information to the outside
world. The hacker has a visual interface to control the user’s computer
remotely. Trojan horses and hacker viruses often appear in pairs, that is
Trojan horse is responsible for intruding into the user’s computer, and hacker
virus will be controlled through the Trojan virus. Now these two types are
becoming more and more integrated
machine virus, prefix: Binder. The public property of this kind of virus is
that the virus is bundled with some applications that are available in the
internet. It looks like a normal file by its appearance. When the user runs the
program, the bundled virus will be activated, and begin to damage.
Computer Virus Precaution strategy
most important hardware and software entities in the computer network are
servers and workstations. Therefore, the server and the workstation should be
considered the first for prevention and control of computer network viruses. On
the other hand, strengthening comprehensive control is also important. The
network server is the center of the computer network, and it is the backbone of
the network. One of the important signs of network paralysis is the paralysis
of the network server. Once the network server is knocked down, the loss is
catastrophic, irretrievable, and inestimable.
of local area network virus: virus prevention has became a very important part
of the daily management of the local area network (LAN) in the company, due to
the huge number of computers in LAN and the users are on different level of
anti-virus. Therefore, the prevention of computer virus should qualify the
It is essential to select the anti-virus software
application and update the virus database.
Install all kinds of patches, timely installation of
various patches is also very important
Standardize the use of
Do backup for
work and data. To a company, the most important part should be the files and data
in the storage
Isolate the infected computer
on the user end
Pay attention to the attachment of the mail as much as
Always in a set of anti-virus software.
Pre scan the accessories before opening any attachment
Pay attention to the file extension. Windows allows
users to use multiple extensions when naming files, but many e-mail programs
display only the first extension. This will camouflage the virus.
Do not run unknown program
Never blind forward any email
Blocking system vulnerabilities. Many network viruses
are now spread with Microsoft’s IE and Outlook’s vulnerabilities.
Don’t take the documents casually. Try not to accept
files from strangers in the online chat system, such as Skype or Facebook.
Do automatic virus check to ensure that the computer
will do automatic virus check on the inserted plug and play media, as well as
e-mail and internet files.
network security strategy
Access control: most of the programs installed in
Windows10 operating system requires certain administrative authority to be used.
Company could take this advantage, and eliminate unnecessary people to touch
certain program. Thus lower the probability of getting the program infected and
damaged by computer virus. When needed, the company could assign a temporary administrative
authority to access the program. When users gets the permission, they can login to Windows10 with their identities,
then right-click the setup file, press and hold the Shift key on the keyboard,
click from the shortcut menu then appears in the operation mode, with the
corresponding management authority. Finally they will be required to enter the
username and password in the pop-up window.
Information encryption strategy: the purpose of
encrypting the information is to protect the data, file, password, and control
information in the network, thus protect the data transmitted on the internet. There
are three common methods of network encryption: link encryption, endpoint
encryption and node encryption. The purpose of link encryption is to protect
link information security between network nodes. The purpose of end-to-end
encryption is to protect data from users to destination ends, and the purpose
of node encryption is to provide protection for transmission links between
source nodes and destination nodes. The user can choose the above encryption
method according to the network situation.