Advance E-Security: Virus
The complex developments in
information technology have resulted in new security concerns. To ensure the
stability of computer and internet networks, issues relevant to computer
security have been addressed in the 21st century (Salomon, 2010). Computer security has become more
relevant not only to business networks but also to personal computers used to
access the internet. Business networks require relevant computer security
measures to be implemented to protect their data from storage,
through dissemination, to manipulation.
The 21st century is marked by an increase and an expansion in
the pool of digital information available to users. Digital data has changed
the way data is created, stored, processed, disseminated and manipulated. The
present generation is highly computer dependent, since all information is
stored in electronic devices. Advanced electronic security is therefore a major
concern in the 21st century. Electronic security is routinely
compromised by computer viruses, worms, spyware, malware and the like (Salomon, 2010). These programs infect computers and
other electronic devices and damage computer hardware as well as software.
Viruses, for instance, destroy
valuable information and compromise the security of sensitive data and
information. Computer users store their data on electronic storage devices, for
example, CDROMs, DVDROMs and even USB drives. The data is then transferred to
the personal computers via these storage devices. Due to the fact that a
majority of computer users are not fully aware of the latest virus threats, the
viruses are transmitted to the computers when copying and moving files from the
storage devices to the computers. The viruses are therefore transmitted through
the computer hardware, software, internal networks or the internet (Khan, 2012). Infected
computer systems compromise the security of the information stored in them and
act as a source of infection to other systems during transmission of data. It is
against this background that this research paper analyzes computer
viruses in terms of their history, types, warning signs and detection, and
finally preventive and defense measures against the viruses.
A computer virus is malware that functions by copying itself from one computer
system to another, affecting how the system operates. It could also be defined
as malicious code that infects computer systems by replicating itself (Ferbrache, 2012). Computer viruses, therefore, function like biological
viruses. A computer virus works by attaching itself to executable files and
documents in a computer or any other electronic device. The computer viruses
could be designed in such a way that they can only attach to executable files
that possess a certain programming capacity. For instance, the viruses could be
specific to documents with extension .exe. On that note, a virus only infects a
system when the file or document it is attached to is executed by a system
administrator. A virus, therefore, does not automatically take advantage of the
vulnerabilities in a computer system. Besides operating an executable file,
viruses could also be transmitted by opening an email attachment, viewing an
infected website or advertisement and using infected electronic storage
infecting the host system, the virus can spread to other software, alter and
deactivate important computer functions and applications, copy, delete and
encode data. The viruses could be designed to replicate as soon as they infect
a system or to lie dormant until the malware is triggered by the system
administrator. The spread of computer viruses increases when they attach to
documents on a network file system or a file system that is available to other
computer systems. In addition, some viruses are designed in such a way that
they can bypass security measures like antivirus and antimalware software
installed by the user. Such viruses are designed with evasion and obfuscation
properties. Finally, advances in information technology have led to the development
of polymorphic malware, which makes the detection of viruses a nightmare since
the executable code of the virus changes as it spreads (Mohammed
& Pathan, 2013).
Some viruses, however, have symptoms that are noticeable
to the user.
A Brief History of Computer Viruses
Von Neumann, the father of cybernetics, first theorized the idea of computer
viruses in the late 1940s (Jones, 2013). This led to the publishing of a
paper on the theory of self-reproducing automata in 1966. In 1971, Bob Thomas created the
Creeper program, which had no malicious content. It is considered the
first virus. Later, in 1974, the Rabbit virus was designed. It showed malicious
properties, as it had the capacity to replicate itself, thereby affecting
computer functions and eventually crashing the entire system. The first Trojan,
ANIMAL, was created in 1975 by John Walker. In 1986, the Brain boot sector virus
infected floppy disks without corrupting the stored data. It was developed by
Basit and Amjad Farooq Alvi (Slade,
through to 2000 was defined by a majority of macro viruses. The Love Letter
virus was a tragedy at the beginning of the 21st century. It marked
the beginning of research into modern malware. Since 2000, advances in IT have
led to the development of more complex viruses such as the Code Red Virus,
MyDoom in 2004, Samy XXA in 2005, OSX/Leap-A, Storm Worm in 2007, Koobface in
2008 and Kenzero in 2010. The most recent viruses are Cryptoblocker, developed in
2013, and Backoff and Heartbleed, created in 2014.
Types of Computer Viruses
types of computer viruses exist with each type exhibiting unique properties
differentiating it from other viruses. Viruses can be either computer based or
internet based. The most common examples of computer viruses include resident
viruses, multipartite viruses and overwriting viruses, among
others (Khan, 2012). Resident viruses attach themselves to the volatile memory
of a computer system, that is, the Random Access Memory (RAM). The resident virus
then modifies and interrupts the performance of the system. For instance, it
corrupts the documents and files stored in RAM, including those that are opened or
renamed. The resident virus does not need the original virus program to infect
a system. The virus version stored in the volatile memory can be activated when
certain operating system functions are executed, even though the
original version has been deleted. This type of virus presents many problems
since it can hide in the RAM, thereby evading security defense measures like
antiviruses. Examples of resident viruses include CMJ and Randex, just to
mention a few.
On the contrary, a multipartite virus is
transmitted and infects files and computer systems in multiple ways. It could
be transmitted through infected media as it hides in the memory, or may embed
itself in the boot sector of the hard drive, executable files on the drive or
a combination of both, and finally spreads across the computer system. The
breeding target depends on the properties of the computer system or electronic
device (Sung, Ku, & Su, 2014), for instance,
the type of OS. A multipartite virus spreads faster than other viruses.
The speed is enhanced by the fact that the virus has multiple spread vectors.
On most occasions, infection by a multipartite virus is subtle and goes
unnoticed. Removing this type of virus therefore becomes a challenge, since
both the boot sector and the infected files have to be cleaned. In the event
that only the infected files are cleaned, for example, the boot system is at
risk of reinfection. An example of such a virus is Ghostball.
Overwriting viruses are malicious programs that function by deleting the contents of an
infected file and overwriting the file with different code. They function to
destroy the files or applications they infect, rendering them useless. The
viruses could be specific about the files they infect or systematically infect all
the files and applications in an electronic device. The virus has properties
that enable it to install new code that programs it to spread to
an entire computer system. Deleting the infected file permanently is the only
way of cleaning files infected by the virus. This, however, means that the user
loses the original contents of the files or applications. TRj.reboot virus is
an example of an overwriting virus that infects executable files. Polymorphic
viruses have raised a lot of concern in this century because of their
evasion and obfuscation properties against security defense measures.
These viruses change their underlying code as they spread. Their basic
functions and features remain constant, however. Most security defense
mechanisms rely on identifying virus signatures (Mohammed & Pathan, 2013).
Polymorphic viruses make their detection difficult since the signature changes each
time it is identified by a security product. Examples include HSFX virus and
The other type of computer virus is
the macro virus. It is uniquely designed to infect macro language commands in
computer applications. Microsoft Word, Excel, Access and Microsoft
PowerPoint, for instance, are some of the applications that the virus targets since
they have macros built into them. Macro viruses attach their malicious code to
legitimate macro commands in a Word document (Greengard, 2015). The latest
versions of Microsoft Word, like Office 2016, have disabled macros and introduced
a security feature such that macros are only enabled for trusted
workflows. The Melissa virus is a recognized example of a macro virus. Boot sector
viruses, on the other hand, infect the part of a computer storage system that contains all
the files required to start up the computer system. The virus infects the
system during the booting process, a time when many security products are not
running. Examples include Parity Boot and AntiEXE.
Conversely, direct action viruses are a type of malware that attach to files,
then infect and replicate as soon as the code is executed. Win64.Rugrat is one of
the earliest types of direct action virus ever detected.
File infectors are another common category of
viruses that commonly target files with the extensions .exe, .com and .bin, among other
executable files. The viruses are activated whenever these programs run. These
viruses could overwrite files completely or partially such that instead of
executing the function the administrator intended, the virus is executed. Other
file infector viruses present themselves as email attachments (Khan, 2012). Encrypted viruses are among the
most difficult viruses to detect and disinfect. They use a different type of
encryption each time they infect a system. These codes are designed to ensure
the damaging effects of the viruses are not identified. They carry out their
actions very fast and can easily infect the entire computer system before being
detected. The first ever identified virus with these encryption properties was
Cascade. Besides these major types of computer viruses, the other viruses
include directory, companion, rootkit, network, stealth, space filter, sparse
infectors, FAT and non-resident viruses.
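The passage above on virus signatures and polymorphic viruses can be illustrated with a small scanner. This is an added example, not part of the original essay: the byte strings are constructed and inert, the signature names are hypothetical, and it assumes that some bytes of the core stay constant between copies, which real polymorphic code may not guarantee.

```python
import hashlib
import re

def compile_hex_signature(sig: str) -> re.Pattern:
    """Compile 'de ad ?? be' into a byte regex; '??' matches any one byte."""
    parts = [b"." if tok == "??" else re.escape(bytes.fromhex(tok))
             for tok in sig.split()]
    return re.compile(b"".join(parts), re.DOTALL)

# Constructed, inert byte strings (not real malware). Both copies carry the
# same core with one differing byte, wrapped in different filler, mimicking a
# program whose bytes change between copies while its core stays recognisable.
SAMPLE_A = bytes.fromhex("01 02 03") + bytes.fromhex("de ad 11 be ef c0 de") + b"\x10"
SAMPLE_B = bytes.fromhex("a7 3c") + bytes.fromhex("de ad 7f be ef c0 de") + b"\x55\x66"
CLEAN = b"ordinary document text"

# Signature database (hypothetical names). The hash covers all of SAMPLE_A;
# the pattern covers only the bytes assumed to stay constant.
HASH_SIGS = {hashlib.sha256(SAMPLE_A).hexdigest(): "Demo.A (exact hash)"}
PATTERN_SIGS = {
    "Demo family (byte pattern)": compile_hex_signature("de ad ?? be ef c0 de"),
}

def scan(data: bytes) -> list[str]:
    """Return the names of every signature that matches the buffer."""
    hits = []
    exact = HASH_SIGS.get(hashlib.sha256(data).hexdigest())
    if exact:
        hits.append(exact)
    hits += [name for name, pat in PATTERN_SIGS.items() if pat.search(data)]
    return hits

if __name__ == "__main__":
    for label, buf in [("A", SAMPLE_A), ("B", SAMPLE_B), ("clean", CLEAN)]:
        print(label, scan(buf))
```

The whole-file hash recognises only the byte-identical copy, while the wildcard pattern still recognises the changed copy as long as the assumed constant bytes survive.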
Symptoms and Detection
The main symptoms and warning signs
of malware-infected systems include a decrease in the performance of the OS
such that it takes longer than usual to boot and the speed of the applications
reduces (Gaol, Mars, & Saragih, 2014).
Unexpected and unwanted pop-ups on the screen are another sign of virus
infection. Regular computer or program crashes also indicate an infection on a
computer system. Excessive hard drive activity even when not in use is another
sign. An increase in the storage space used, such that the hard drive runs out
of space, as well as high network activity and access of certain programs or
websites without the user's input, are other warning signs. An antivirus that
can no longer update and social media sites that have been hacked such that messages
are automatically sent to contacts are other ways of detecting virus infection (WAGmob, 2014). Finally,
when the command CTRL+ALT+DELETE cannot be executed, a user should be alarmed
as she may be facing a virus security threat.
against Computer Viruses
Preventing attacks by computer
viruses is the best defense against virus infections and threats to data
safety. Viruses compromise the safety of personal data and can completely crash
the whole computer system. The viruses are a security risk to the huge amounts
of data stored in computer databases (Singh, 2013). Many of the available preventive strategies
against computer viruses are cost effective and efficient in
ensuring the safety of computer systems and data. One of the strategies is ensuring
regular data backup. This prevents loss of data in the event a file or document
is infected by viruses. Computer administrators should use only known external
storage devices to back up data. Before transferring data from one system to
another, data storage devices like USB drives should be scanned to ensure they
are free from any viruses.
Installation of a genuine and
reliable antivirus like McAfee is also essential regardless of whether the
computer is used to access the internet (Kaur, 2016). Most computer users
assume that an antivirus is only essential when accessing the internet, which is
not the case, since computer-based viruses also exist. Most antivirus
programs are available at a fee, but some, such as Avast, are free.
Anti-spyware and antimalware programs are also important in protecting computer
systems from being infected by viruses (Gregory, 2011).
Most of the anti-spyware programs like Spybot Search are completely free. As
much as these programs are effective in detecting and disinfecting viruses,
they need to be updated regularly to boost their performance and protection of
the computer systems. Antivirus, anti-spyware and anti-malware programs
always alert an administrator to any suspicious website that attempts to install
or run a program on the computer system. It is therefore up to the user to
avoid visiting such sites.
To boost security against viruses,
users should also ensure that they scan any email attachment they receive
prior to opening it. Viruses are commonly spread through email attachments;
therefore, this strategy is vital in preventing most infections (Brown, 2011). The user should set up automatic scans
on all email attachments such that all attachments are scanned beforehand.
The latest versions of antivirus and anti-spyware programs are programmed in such
a way that they can automatically run scans whenever the computer is on. For
instance, they could scan the whole computer system every 12 hours.
Monitoring the downloading process is also essential, since viruses can
attach themselves to music, videos, movies and other downloads. The downloads
should be from a trusted site and should be scanned before opening.
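The attachment screening described above can be sketched as a triage step that runs before any attachment is opened. This is an added example, not part of the original essay: the message is constructed, the executable extensions are the ones named earlier in the essay, and the macro-enabled extension list and the verdict wording are assumptions.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

EXECUTABLE_EXT = {".exe", ".com", ".bin"}   # extensions named in the essay
MACRO_EXT = {".docm", ".xlsm", ".pptm"}     # assumed list of macro-enabled formats

BLOCK_DISGUISED = "block: executable content behind a non-executable name"
BLOCK_EXECUTABLE = "block: executable attachment"
QUARANTINE_MACRO = "quarantine: macro-enabled document"
SCAN_FIRST = "scan with antivirus before opening"

def triage_attachments(raw: bytes) -> list[tuple[str, str]]:
    """Return (filename, verdict) for every attachment in a raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        ext = PurePosixPath(name.lower()).suffix
        # DOS/Windows executables start with the two bytes "MZ".
        if payload[:2] == b"MZ" and ext not in EXECUTABLE_EXT:
            verdict = BLOCK_DISGUISED
        elif ext in EXECUTABLE_EXT:
            verdict = BLOCK_EXECUTABLE
        elif ext in MACRO_EXT:
            verdict = QUARANTINE_MACRO
        else:
            verdict = SCAN_FIRST
        findings.append((name, verdict))
    return findings

def build_sample() -> bytes:
    """Constructed message with inert stub attachments (no real malware)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    stubs = [(b"MZ constructed stub", "invoice.pdf"),
             (b"MZ constructed stub", "setup.exe"),
             (b"PK constructed stub", "report.docm")]
    for data, filename in stubs:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=filename)
    msg.add_attachment("plain notes", filename="notes.txt")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict in triage_attachments(build_sample()):
        print(f"{name}: {verdict}")
```

The content check matters because the file name is chosen by the sender: the constructed invoice.pdf is flagged on its leading bytes, not on its extension.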
defense measure is to install regular updates of computer programs. Microsoft
alerts the user any time a program is out of date to allow easy updating.
Windows has purposefully incorporated a critical updates component from where
the user can easily monitor the programs. Updating a program is a way of fixing
any security loophole present in the out-of-date program. The user therefore
needs to constantly update his programs to enhance security (Shea, 2013). In this manner, he is helping Microsoft
to protect his computer system. Being well versed in how a computer system
operates also ensures detection of any viruses. Understanding the common types
of viruses and their characteristics will ease their identification and
Installing genuine software from a
trusted source is critical in the prevention process. Most users are tempted to
install illegal cracked program versions due to cost considerations, which
compromises the security of the entire system in the long run. On most
occasions, such cracked software is infested with advanced viruses that are
difficult to detect and clean. Installation of a firewall, a program that
screens and controls incoming and outgoing network traffic based on set
security rules, is another effective security defense measure against viruses (Kumar,
Kaur, Kaur, & Singh, 2016). The firewall is effective in preventing
unauthorized access to a system. Finally, a computer user should be prepared to
lock down in the event that a certain virus is spreading over the internet. The
user should not access any suspicious website or email, or open downloads, until an
antivirus, anti-spyware or anti-malware program is updated.
In conclusion, more than half of
the computers in the world are infected with viruses. These infections are mostly
due to bad computer user habits, as opposed to inefficiencies in antiviruses and
other defense programs and advances in IT that have led to encrypted and
polymorphic viruses that are difficult to detect and disinfect. To facilitate
detection, prevention and disinfection of viruses, an understanding of the
types of viruses, their symptoms and how they function is necessary. This paper
has given detailed information on computer viruses with regard to their
history, types, warning signs of infection and preventive measures against the
viruses. The information is sufficient for enhancing data safety and avoiding
(2011). How to stop e-mail spam, spyware, malware, computer viruses, and hackers from ruining your computer or network (1st ed.). Ocala, Fla.: Atlantic Pub. Group.
(2012). A Pathology of Computer Viruses (1st ed.). London: Springer
Gaol, F., Mars, W., & Saragih, H. (2014). Management and technology in knowledge, service, tourism & hospitality (1st ed.). Boca Raton: CRC Press, Taylor
Greengard, S. (2015). Malicious Macros Continue to Cause Damage. Baseline, 1.
(2011). Computer Viruses For Dummies (1st ed.). New York, NY: John Wiley
(2013). The Technical and Social History of Software Engineering (1st ed.). USA: Addison-Wesley.
Kaur, G. (2016). Network Security: Anti-virus. International Journal Of Advanced Research In Computer Science, 7(6), 79.
Khan, I. (2012). An introduction to computer viruses: problems and solutions. Library Hi Tech News, 29(7), 8-12. http://dx.doi.org/10.1108/07419051211280036
Kumar, M., Kaur, N., Kaur, S., & Singh, R. (2016). Different Security Threats and its Prevention in Computer Network. International Journal Of Advanced Research In Computer Science, 7(6), 85.
Mohammed, M., & Pathan, A. K. (2013). Automatic Defense Against Zero-day Polymorphic Worms in Communication Networks. Boca Raton: Auerbach Publications.
(2010). Foundations of computer security (1st ed.). London: Springer.
Shea, J. (2013). Combating computer viruses (1st ed.). New York: Gareth Stevens.
Singh, R. K. (2013). Cyber Threats And their various types. Electronics For You, 2(2),
(2013). Guide to Computer Viruses (1st ed.). New York, NY: Springer New
Sung, P., Ku, C., & Su, C. (2014). Understanding the propagation dynamics of multipartite computer virus. Industrial Management & Data Systems, 114(1),
(2014). Introduction to Computer Science- By GoLearningBus (1st ed.).