Computer Virus

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 2

Q6)Computer virus is a major threat to computer security Justify the statement.

Ans: The computer virus is a chronological successor of worm programs. The computer virus was termed
by Davis and Gantenbein (1987) as: "A Trojan horse program with the capability of auto-relocation (same
as in worms) and it can attack other programs."

Thus, a computer virus can cause a malicious activity as bombs or Trojans but in addition can do
something more. A computer virus is the most dangerous perverse software which can reproduce itself
within a computer system. Due to its replicating nature it can attach itself to a regularly used program
and make you feel that the host file is benign although it intends to do much more.

Computer viruses are highly contagious in nature and may cause considerable damage through an
information disorder/destruction. Computer virus can get the better of the operating system which you
work on, thereby taking control of the system which may sometimes lead to the destruction of all the data
and programs on your hard disk.

Generally, a computer virus acts like a parasite. It draws on the resources of the computer to monitor its
activities, but otherwise does not immediately change the functioning of the boot system. This is done to
evade early detection. If the virus has destructive effects, the reaction must be delayed somehow, because
if it immediately destroys the host software, it will never be able to reproduce and spread.
The main characteristics of computer virus are

1) Making replicas : A virus can copy itself into another place, file or another disk. Typically, if a
disk carrying a virus is put into a computer, the virus can get loaded into the machine through
Random Access Memory (RAM) and copies itself onto every other disk that is used thereafter.
The virus can also propagate a copy of itself through the telephone lines or via network
connections. Sometimes a mutated version of the virus may be copied which may be difficult to
recognise.
2) Autonomous in nature : A virus may run without being explicitly called by the user of the
computer. This is possible because the virus may c1iange iT a starting up procedure on computer
such that the code of the virus is executed prior to execution of the code of operating system.
Thus, it has a degree of autonomy.
3) Malicious activity : A virus can cause lot of damage to the computer system in terms of software
and data.
a. it may cause loss of data;
b. it may overwrite some of the important'files with unrecognised characters; ---
c. it may modify programs or software making them unusable;
d. it may scramble your database or Word Processor file resulting in incorrect information;
e. it may not allow the system to start at all;
f. some special effects on screen like falling of characters or bouncing balls may be
produced;
g. it may display messages graphics on the screen such as Happy Birthday, Give me a
Cookie, your PC is stoned etc.

It is usually believed that viruses cannot damage the hardware. However, there could be situations when
it can damage the moving parts. If a virus can produce a sequence of sector Read/Write instruction which
can be thrust on one's terminal causing a hard disk motor and IC working for very long duration with a
lot of head movement.

Similarly, in the case of monitor it may result in rapid changes in frequency oscillations or by creating a
high intensity beam (if proper protective hardware had not been used), the beam may destroy the
phosphorous, coating on the screen. Although no such incidents have been reported, yet one thing is for
certain, that is, because of over-working of the hard disk or low level formatting or very high speed
rotation for a very long time may reduce the overall life of these hardware components.

4) Avoid detection: A virus may take steps to avoid detection. An active virus is difficult to
recognize as it can hide itself from the scanning program through showing a mutated version of
itself.

Computer virus normally infect the following areas :

i. The hard disk partition table : The partition table. of the hard disk consists of information
regarding the numbers and type of partition. This occupies the absolute sector on the hard disk
and is normally not accessible to an ordinary user. This area is modified by the viruses by
including its own code in the partition table information, thus on switching on the system, the
virus becomes active. Some of the partition table viruses area Happy birthday, Joshi, Stoned etc.
ii. Boot record of hard disk or floppies : The boot record contains a program which is essential for
starting up of computer system as it helps in locating DOS files on the disk. FAT (File Allocation
Table) contains the information of what areas on the disk are, allocated to which file. Virus
changes the boot record by including . itself or a pointer to its code in the. disk. This, results in
execution of virus code prior to the Disk Operating System files. It may reserve some space in
FAT for itself, this space can be marked as bad sector.

Partition table and Boot Sector viruses are the most dangerous viruses because : (i) it is difficult
to visualise them as the partition table and boot sectors are sensitive areas and normal users.are
not allowed to handle these areas and (ii) they get activated veryearly in the starting up procedure,
thus, they can take control of the system.

These viruses may go unnoticed till the time they strike and by that time irreversible harm to data
is already done.

iii. Operational files : Viruses can destroy data files yet normally' do not infect data files which are,
on-executable. Thus, a yours can overwrite wrong data on a data file but normally does not copy
or attach its code to the data files. User created Word Processor data file, database file, ASCII
files, source Program Code files of BASIC, PASCAL are...normally not infected by virus. The
files which have following extensions often get infected by viruses :
.COM
.EXE
.OVR
.OVL
.SYS
.BIN
or any other files which can LT loaded into memory and executed.

You might also like