1. OVERVIEW OF INFORMATION SECURITY

2. INFORMATION AND NETWORK SECURITY POLICIES

3. CRYPTOGRAPHY AND PKI

4. NETWORK SECURITY APPLICATIONS

5. DESIGN PRINCIPLES

6. COMPLIANCE EVALUATION SYSTEM AND LAW

7. MALICIOUS LOGIC AND ATTACKS

8. VULNERABILITY ANALYSIS AND IT AUDIT

9. INTRUSION DETECTION AND LOG ANALYSIS

LAB WORK -ISA

SOLVED PRACTICE QUESTIONS

Viruses and its Types

VIRUSES AND ITS TYPES 

A computer virus is a type of malicious software (malware) that attaches itself to a legitimate program or file, enabling it to spread from one computer to another. Like biological viruses, they can replicate themselves and spread to other hosts. Viruses often cause damage by corrupting data, stealing information, or disrupting system operations.

Characteristics of a Computer Virus:

  1. Replication:
    • Viruses can replicate themselves by attaching to other programs or files.
  2. Activation:
    • They are usually activated by some trigger, such as opening an infected file or running an infected program.
  3. Payload:
    • Viruses carry a payload that can perform various malicious activities, such as deleting files, stealing data, or displaying unwanted messages.

Types of Computer Viruses:

  1. File Infector Virus:

    • Attaches itself to executable files (.exe, .com) and is activated when the infected file is run. Examples include the CIH virus.

  2. Macro Virus:

    • Targets macro language commands in applications like Microsoft Word or Excel. It is often spread through infected documents. An example is the Melissa virus.

  3. Boot Sector Virus:

    • Infects the master boot record (MBR) of a hard disk or a floppy disk, activating when the system starts up. Examples include the Michelangelo virus.

  4. Polymorphic Virus:

    • Changes its code each time it infects a new file to avoid detection by antivirus software. An example is the Storm Worm.

  5. Metamorphic Virus:

    • Rewrites its own code each time it infects a new file, making it even harder to detect. Examples include the ZMist virus.

  6. Resident Virus:

    • Resides in the system memory and can infect files even when the originally infected program is not running. Examples include the Randex and CMJ viruses.

  7. Non-resident Virus:

    • Does not stay in memory; it is activated and spreads when the infected file is executed. An example is the Cascade virus.

  8. Multipartite Virus:

    • Infects both the boot sector and executable files, spreading through multiple vectors. An example is the Tequila virus.

  9. Web Scripting Virus:

    • Exploits vulnerabilities in web browsers and websites, often through malicious scripts. An example is the JS.Trojan.Blinder.

  10. Stealth Virus:

    • Hides its presence by intercepting system requests and returns false information to avoid detection. An example is the Brain virus.

Example of a Computer Virus:

Melissa Virus:

  • Type: Macro Virus
  • How It Works:
    • The Melissa virus was distributed via email, disguised as a Word document. When the document was opened, it triggered the virus to replicate and send itself to the first 50 contacts in the user’s Outlook address book.
    • It caused widespread email disruption and led to significant damage to many organizations' email systems.

 

Mitigation Strategies:

  1. Antivirus Software:

    • Use up-to-date antivirus software to detect and remove viruses. Regularly update virus definitions.

  2. Regular Backups:

    • Maintain regular backups of important data to recover from potential infections.

  3. Software Updates:

    • Keep operating systems and software up to date to protect against vulnerabilities that viruses may exploit.

  4. Email Security:

    • Be cautious with email attachments and links, especially from unknown sources. Use email filtering and scanning tools.

  5. User Education:

    • Educate users about safe browsing habits and the risks of downloading and running unknown software.

  6. Firewalls and Intrusion Detection Systems:

    • Implement firewalls and IDS/IPS to monitor and block malicious activities on the network.