To Study Of Anti-Virus Software

Prepared By :
Pradeep K. Rajyaguru
115030693013
Ankit K. Solanki
115030693041

Guided By:
Prof. V.A. Gandhi

B.H.Gardi College Of Engg. & Tech. Department of M.C.A.
Topic to be covered
• Introduction
• Malware Threats
• Type of Viruses
• Other Malwares
• Types of Attacks
• Anti-virus
• Recent Trends in Malware
• Threat Model
• Code Hiding
• Building Blocks
• Design
• Prototype
• Conclusion and Research
Introduction
• The Internet is a collection of interconnected computers. People rely on it to
communicate, share files, read news and, most importantly, carry out financial
transactions.
• Recent studies show that a computer connected to the Internet may experience
an attack every 39 seconds, largely because of low awareness among users
regarding attacks.
• The war between virus creators and anti-virus developers has been going on since
the birth of the earliest viruses in the eighties.
• Any anti-virus software must perform three functions: detection, identification
and removal of malicious code. The goal of any virus writer is to design a
virus that can evade detection.
Continue...
• When virus writers realised that the anti-virus program is their biggest enemy,
they came up with the idea of attacking the anti-virus program itself and
paralysing the functions of the anti-virus system.

How Anti-virus works
Security in consumer computing
• Consumer computers are very attractive to intruders because access is fairly easy
to gain with the help of the many online hacking resources.
• This enables the attacker to use the compromised machine to steal secret data
such as passwords to bank accounts, credit card numbers and social security
numbers.
• The compromised machines can also be made part of a huge botnet that can be
used to launch Denial of Service attacks on servers.
• Software such as anti-virus solutions and firewalls offers users some protection
against attacks, but it is not completely effective. The reason is that anti-virus
relies on virus definitions and known behavioural patterns to identify malicious
code.
Malware Threats
• Malware is short for "malicious software". Malware is any kind of unwanted
software that is installed without your adequate consent. Viruses, worms and
Trojan horses are examples of malicious software that are often grouped
together and referred to as malware.
• In the early days malware was designed to cause disruption; today it is designed
to steal secret information such as passwords, credit card numbers and social
security numbers, providing some sort of financial gain for its developers.
Types of Virus
• Boot Virus: These viruses operate by infecting the Master Boot Record (MBR) of a
PC. Example: ‘POLYBOOT.B’.
• Parasitic viruses / File Infectors: This type of virus attaches itself to files or
executables, leaving the original contents of the file intact.
• Date viruses / Logic Bombs / Time Bombs: These viruses reside in a machine and
are triggered by some event such as a particular date or a day of the week.
Example: ‘Sunday’.
• Macro Virus: These are programs that take advantage of the macro facilities
built into programs like Excel and Word. Example: ‘Concept’ for Word 95.
Continue..
• Encrypted Virus: A virus whose body is encrypted. The virus carries the
decryption key and a decryption engine within itself. This method is used to
hide the virus body from signature detection. Example: ‘Cascade’.
• Polymorphic virus: The same as an encrypted virus, but in addition it has a
mutation engine that creates a new encryption scheme for every infection.
Example: ‘1260’.
• Stealth Virus: This type of virus attempts to hide its presence by hooking some
system calls. A recent worm called ‘Lion’ installs a rootkit and then makes
various hooks and system modifications to prevent any scanner from capturing
its presence.
Other Malware
• Trojan Horse: A program that enters a machine disguised as, or embedded inside,
legitimate software. The Trojan looks harmless or interesting to a user, but is
actually very harmful when executed.
• Worms: A computer worm is a standalone malware program that replicates itself
in order to spread to other computers. Worms almost always cause at least some
harm to the network.
• Rootkit: The term is derived from the UNIX term root. A rootkit is a malicious
program that obtains administrator privileges and manipulates other processes
in the system. It was designed to give administrator privileges to the attacker.
Types of Attack
• Social Engineering
• Mass E-Mailers
• Exploit on Software Vulnerabilities
• Phishing
• Pharming
Anti-virus
• Signature detection or Pattern Matching
• X-Raying
• Emulation
• Frequency Analysis
• Heuristics
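As an added example (not part of the slides), a toy Python scanner that shows why plain signature matching fails against the encrypted-virus layout described on the ‘Types of Virus’ slides, and how two of the techniques listed above, X-raying and frequency analysis, still expose it. The signature, stub, ‘virus body’ and benign file are all constructed here; single-byte XOR stands in for the cipher.

```python
"""Toy scanner (constructed example) for three detection techniques named above:
signature matching, X-raying and frequency analysis. The 'virus' is a made-up
byte string; no real malware, file format or product is modelled."""
import math
from collections import Counter

# Constructed fixtures. SIGNATURE is the pattern a signature scanner would carry
# in its definition file; PLAIN_BODY is the made-up 'virus body' containing it.
SIGNATURE = b"TOY-VIRUS-BODY-MARKER"
PLAIN_BODY = b"\x55\x8b\xec" + SIGNATURE + b"\xc9\xc3"
STUB = b"STUB"  # stands in for the constant decryptor stub of a Cascade-style virus
BENIGN_FILE = b"Quarterly report: revenue rose 4% and costs fell." * 3


def xor_bytes(data: bytes, key: int) -> bytes:
    return bytes(b ^ key for b in data)


def make_encrypted_sample(key: int) -> bytes:
    """Test fixture modelling the slide's 'encrypted virus' layout: a constant
    stub, the key it carries, then the body XOR-encrypted with that key. The
    stub is identical across infections; the body bytes differ per key."""
    return STUB + bytes([key]) + xor_bytes(PLAIN_BODY, key)


def signature_scan(data: bytes, signature: bytes = SIGNATURE) -> bool:
    """Plain pattern matching: the literal signature must appear in the file.
    Fails as soon as the body is encrypted with any non-zero key."""
    return signature in data


def xray_scan(data: bytes, signature: bytes = SIGNATURE):
    """X-raying: instead of emulating the decryptor, assume the cipher family
    (here single-byte XOR), try every key and look for the signature in the
    result. Returns the key that exposed the body, or None if none did."""
    for key in range(256):
        if signature in xor_bytes(data, key):
            return key
    return None


def printable_ratio(data: bytes) -> float:
    """Frequency analysis: fraction of bytes that are printable ASCII or
    whitespace. Documents sit near 1.0; encrypted or packed regions drop."""
    if not data:
        return 0.0
    printable = sum(1 for b in data if 0x20 <= b <= 0x7E or b in (0x09, 0x0A, 0x0D))
    return printable / len(data)


def shannon_entropy(data: bytes) -> float:
    """Bits per byte. Caveat: a byte-wise XOR only permutes byte values, so the
    entropy is identical before and after encryption and is blind to this
    cipher; the byte values move, their frequencies do not."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def scan(data: bytes) -> dict:
    """Chain the checks the way a scanner would: cheap signature matching
    first, then the more expensive X-ray and byte statistics."""
    key = xray_scan(data)
    ratio = printable_ratio(data)
    return {
        "signature_hit": signature_scan(data),
        "xray_key": key,
        "printable_ratio": round(ratio, 2),
        "entropy": round(shannon_entropy(data), 2),
        # Flag if the body was exposed under some key, or if the byte
        # distribution looks nothing like a document (0.5 is a chosen heuristic).
        "suspicious": key is not None or ratio < 0.5,
    }


if __name__ == "__main__":
    for name, blob in (("plain", PLAIN_BODY),
                       ("encrypted", make_encrypted_sample(0x5A)),
                       ("benign", BENIGN_FILE)):
        print(name, scan(blob))
```

Running it shows the encrypted sample defeating `signature_scan` while `xray_scan` recovers the key and the printable ratio collapses; the entropy of body and ciphertext is the same, which is why entropy alone is a poor indicator for this kind of cipher.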
Recent trends in Malware
• Spam Thru Trojan
• Beast Trojan

Beast Trojan
Literature Review
• Secret Data Protection
• Smart cards
Common Access Card
IBM's PCI Crypto Card
SET
• HD-DVD Encryption
• Distributed software for secret protection
• Software based approach for secret management
Code-Hiding
• Code Obfuscation
• Code hiding by malicious programs
• Shadow Walker
• SubVirt
• Blue Pill

• Code Injection

Before Infection

After Infection
Threat Model
• Internet Threat Model
• Shortcomings of ITM
• Viral Threat Model

Internet Threat Model

Threat posed by malware
Building Blocks
• Injecting Code in Logon process
• Shortcomings
• Watch Processes
Watch Process to monitor anti-virus
• Shortcomings
• Install as a Different Process
• Shortcomings

Query results before camouflaging the anti-virus software

Query results after camouflaging the anti-virus software
Design
• Installing the Program
• Starting the Process
• Execution of the Process
• Watch Processes
• Shut Down Events
• Virus Definition Files
• Whitelists
• Storage of definition file

Storing image files
Prototype
• Placing start up information in Windows system process
• Code Injection
• Injecting Libraries
• Injecting Code
• Overhead and Performance

System Overhead
Conclusion and Future Research
• In this research, an approach was presented to improve the reliability of the
anti-virus process by hiding its presence from other processes on the machine,
because once malware infects any process of the system, no component of a
consumer computer can be trusted.
• To solve this problem, the approach changes the name of the file and the
registry entry by installing the process under a different name. This helps in
working around attacks that scan the registry entries and the file system to
identify the anti-virus program.
• After this, the process was continuously migrated to different address spaces to
avoid detection by malware. By moving the code at regular intervals, a snapshot
of the system would not be very useful in killing the anti-virus process, as it
would have migrated to another process space while the results of the snapshot
were being calculated. Finally, multiple watch processes were installed to
detect if the anti-virus program is shut down at any point of time.
Anti Virus Software

More Related Content

What's hot

Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Jay Nagar
 
ip spoofing
ip spoofingip spoofing
ip spoofingmohan babu
 
What is a static ip address
What is a static ip addressWhat is a static ip address
What is a static ip addressHexa Howe
 
Tor Presentation
Tor PresentationTor Presentation
Tor PresentationHassan Faraz
 
15 Security & Privacy Tips for Social Media Safety
15 Security & Privacy Tips for Social Media Safety15 Security & Privacy Tips for Social Media Safety
15 Security & Privacy Tips for Social Media SafetyChad Warner
 
Phishing ppt
Phishing pptPhishing ppt
Phishing pptSanjay Kumar
 
Securing your home wi fi network
Securing your home wi fi networkSecuring your home wi fi network
Securing your home wi fi networkJ A Bhavsar
 
Network forensics and investigating logs
Network forensics and investigating logsNetwork forensics and investigating logs
Network forensics and investigating logsanilinvns
 
Mobile security
Mobile securityMobile security
Mobile securitydilipdubey5
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
I P S P O O F I N G
I P  S P O O F I N GI P  S P O O F I N G
I P S P O O F I N Gavinashkanchan
 
CYBER SECURITY ON SOCIAL MEDIA
CYBER SECURITY ON SOCIAL MEDIACYBER SECURITY ON SOCIAL MEDIA
CYBER SECURITY ON SOCIAL MEDIAcharitha garimella
 
Physical security
Physical securityPhysical security
Physical securityTariq Mahmood
 
Web security ppt sniper corporation
Web security ppt   sniper corporationWeb security ppt   sniper corporation
Web security ppt sniper corporationsharmaakash1881
 
Email Forensics
Email ForensicsEmail Forensics
Email ForensicsGol D Roger
 

What's hot (20)

Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
ip spoofing
ip spoofingip spoofing
ip spoofing
 
Backtrack
BacktrackBacktrack
Backtrack
 
What is a static ip address
What is a static ip addressWhat is a static ip address
What is a static ip address
 
Tor Presentation
Tor PresentationTor Presentation
Tor Presentation
 
15 Security & Privacy Tips for Social Media Safety
15 Security & Privacy Tips for Social Media Safety15 Security & Privacy Tips for Social Media Safety
15 Security & Privacy Tips for Social Media Safety
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
ISP AND ITS ARCHITECTURE.
ISP AND ITS ARCHITECTURE.ISP AND ITS ARCHITECTURE.
ISP AND ITS ARCHITECTURE.
 
Securing your home wi fi network
Securing your home wi fi networkSecuring your home wi fi network
Securing your home wi fi network
 
Network forensics and investigating logs
Network forensics and investigating logsNetwork forensics and investigating logs
Network forensics and investigating logs
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
 
Mobile security
Mobile securityMobile security
Mobile security
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Firewalls
FirewallsFirewalls
Firewalls
 
Dos n d dos
Dos n d dosDos n d dos
Dos n d dos
 
I P S P O O F I N G
I P  S P O O F I N GI P  S P O O F I N G
I P S P O O F I N G
 
CYBER SECURITY ON SOCIAL MEDIA
CYBER SECURITY ON SOCIAL MEDIACYBER SECURITY ON SOCIAL MEDIA
CYBER SECURITY ON SOCIAL MEDIA
 
Physical security
Physical securityPhysical security
Physical security
 
Web security ppt sniper corporation
Web security ppt   sniper corporationWeb security ppt   sniper corporation
Web security ppt sniper corporation
 
Email Forensics
Email ForensicsEmail Forensics
Email Forensics
 

Viewers also liked

ANTIVIRUS AND VIRUS Powerpoint presentation
ANTIVIRUS AND VIRUS Powerpoint presentationANTIVIRUS AND VIRUS Powerpoint presentation
ANTIVIRUS AND VIRUS Powerpoint presentationabhijit chintamani
 
Antivirus PPt
Antivirus PPtAntivirus PPt
Antivirus PPtArnab Singha
 
Computer virus (Microsoft Powerpoint)
Computer virus (Microsoft Powerpoint)Computer virus (Microsoft Powerpoint)
Computer virus (Microsoft Powerpoint)ainizbahari97
 
Computer Virus powerpoint presentation
Computer Virus powerpoint presentationComputer Virus powerpoint presentation
Computer Virus powerpoint presentationshohrabkhan
 
What Is An Antivirus Software?
What Is An Antivirus Software?What Is An Antivirus Software?
What Is An Antivirus Software?culltdueet65
 
Virus & Antivirus
Virus & AntivirusVirus & Antivirus
Virus & AntivirusAnirudh Kannan
 
Antivirus - Virus detection and removal methods
Antivirus - Virus detection and removal methodsAntivirus - Virus detection and removal methods
Antivirus - Virus detection and removal methodsSomanath Kavalase
 
Computer viruses and antiviruses PPT
Computer viruses and antiviruses PPTComputer viruses and antiviruses PPT
Computer viruses and antiviruses PPTEva Harshita
 
Anti-virus Mechanisms and Various Ways to Bypass Antivirus detection
Anti-virus Mechanisms and Various Ways to Bypass Antivirus detectionAnti-virus Mechanisms and Various Ways to Bypass Antivirus detection
Anti-virus Mechanisms and Various Ways to Bypass Antivirus detectionNeel Pathak
 
Antivirus ppt
Antivirus pptAntivirus ppt
Antivirus pptnikkinikhita
 
Types of Virus & Anti-virus
Types of Virus & Anti-virusTypes of Virus & Anti-virus
Types of Virus & Anti-virusDivyesh Rakholiya
 
Virus and antivirus final ppt
Virus and antivirus final pptVirus and antivirus final ppt
Virus and antivirus final pptaritradutta22
 
Virus y-antivirus
Virus y-antivirusVirus y-antivirus
Virus y-antivirusMayra Sole
 
ppt on antivirus and computer virus
ppt on antivirus and computer virusppt on antivirus and computer virus
ppt on antivirus and computer virusNaveen Goyal
 
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDayAntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDayINCIDE
 

Viewers also liked (20)

Antivirus
AntivirusAntivirus
Antivirus
 
ANTIVIRUS AND VIRUS Powerpoint presentation
ANTIVIRUS AND VIRUS Powerpoint presentationANTIVIRUS AND VIRUS Powerpoint presentation
ANTIVIRUS AND VIRUS Powerpoint presentation
 
Antivirus PPt
Antivirus PPtAntivirus PPt
Antivirus PPt
 
Antivirus software
Antivirus softwareAntivirus software
Antivirus software
 
Computer virus (Microsoft Powerpoint)
Computer virus (Microsoft Powerpoint)Computer virus (Microsoft Powerpoint)
Computer virus (Microsoft Powerpoint)
 
Computer Virus powerpoint presentation
Computer Virus powerpoint presentationComputer Virus powerpoint presentation
Computer Virus powerpoint presentation
 
Anti Virus Software
Anti Virus SoftwareAnti Virus Software
Anti Virus Software
 
What Is An Antivirus Software?
What Is An Antivirus Software?What Is An Antivirus Software?
What Is An Antivirus Software?
 
Virus & Antivirus
Virus & AntivirusVirus & Antivirus
Virus & Antivirus
 
Antivirus - Virus detection and removal methods
Antivirus - Virus detection and removal methodsAntivirus - Virus detection and removal methods
Antivirus - Virus detection and removal methods
 
Computer viruses and antiviruses PPT
Computer viruses and antiviruses PPTComputer viruses and antiviruses PPT
Computer viruses and antiviruses PPT
 
Anti-virus Mechanisms and Various Ways to Bypass Antivirus detection
Anti-virus Mechanisms and Various Ways to Bypass Antivirus detectionAnti-virus Mechanisms and Various Ways to Bypass Antivirus detection
Anti-virus Mechanisms and Various Ways to Bypass Antivirus detection
 
Antivirus ppt
Antivirus pptAntivirus ppt
Antivirus ppt
 
Types of Virus & Anti-virus
Types of Virus & Anti-virusTypes of Virus & Anti-virus
Types of Virus & Anti-virus
 
Virus and antivirus final ppt
Virus and antivirus final pptVirus and antivirus final ppt
Virus and antivirus final ppt
 
Anti virus
Anti virusAnti virus
Anti virus
 
Virus y-antivirus
Virus y-antivirusVirus y-antivirus
Virus y-antivirus
 
ppt on antivirus and computer virus
ppt on antivirus and computer virusppt on antivirus and computer virus
ppt on antivirus and computer virus
 
Anti-Virus Evasion Techniques and Countermeasures
Anti-Virus Evasion Techniques and CountermeasuresAnti-Virus Evasion Techniques and Countermeasures
Anti-Virus Evasion Techniques and Countermeasures
 
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDayAntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
 

Similar to Anti Virus Software

Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures                         -- Pruthvi Monarch Virus and its CounterMeasures                         -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch Pruthvi Monarch
 
Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentationAmjad Bhutto
 
Computervirus 110705112128-phpapp02
Computervirus 110705112128-phpapp02Computervirus 110705112128-phpapp02
Computervirus 110705112128-phpapp02hiiraa
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityUmairFirdous
 
6unit1 virus and their types
6unit1 virus and their types6unit1 virus and their types
6unit1 virus and their typesNeha Kurale
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious CodeSatria Ady Pradana
 
Malicious software and software security
Malicious software and software  securityMalicious software and software  security
Malicious software and software securityG Prachi
 
Malware ppt final.pptx
Malware ppt final.pptxMalware ppt final.pptx
Malware ppt final.pptxLakshayNRReddy
 
CH1- Introduction to malware analysis-v2.pdf
CH1- Introduction to malware analysis-v2.pdfCH1- Introduction to malware analysis-v2.pdf
CH1- Introduction to malware analysis-v2.pdfWajdiElhamzi3
 
Virusppt
ViruspptVirusppt
ViruspptSuman Bose
 

Similar to Anti Virus Software (20)

ETHICAL HACKING
ETHICAL HACKINGETHICAL HACKING
ETHICAL HACKING
 
Virus and its CounterMeasures -- Pruthvi Monarch
Virus and its CounterMeasures                         -- Pruthvi Monarch Virus and its CounterMeasures                         -- Pruthvi Monarch
Virus and its CounterMeasures -- Pruthvi Monarch
 
Malicious
MaliciousMalicious
Malicious
 
Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentation
 
Computervirus 110705112128-phpapp02
Computervirus 110705112128-phpapp02Computervirus 110705112128-phpapp02
Computervirus 110705112128-phpapp02
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Computer Virus
Computer VirusComputer Virus
Computer Virus
 
Thur Venture
Thur VentureThur Venture
Thur Venture
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name Basics
 
Sangeetha Venture
Sangeetha VentureSangeetha Venture
Sangeetha Venture
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name Basics
 
Regression
RegressionRegression
Regression
 
Viruses andthreats@dharmesh
Viruses andthreats@dharmeshViruses andthreats@dharmesh
Viruses andthreats@dharmesh
 
6unit1 virus and their types
6unit1 virus and their types6unit1 virus and their types
6unit1 virus and their types
 
(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code(Training) Malware - To the Realm of Malicious Code
(Training) Malware - To the Realm of Malicious Code
 
Malicious software and software security
Malicious software and software  securityMalicious software and software  security
Malicious software and software security
 
Malware ppt final.pptx
Malware ppt final.pptxMalware ppt final.pptx
Malware ppt final.pptx
 
CH1- Introduction to malware analysis-v2.pdf
CH1- Introduction to malware analysis-v2.pdfCH1- Introduction to malware analysis-v2.pdf
CH1- Introduction to malware analysis-v2.pdf
 
Virusppt
ViruspptVirusppt
Virusppt
 
Botnets Attacks.pptx
Botnets Attacks.pptxBotnets Attacks.pptx
Botnets Attacks.pptx
 

Recently uploaded

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 

Anti Virus Software

  • 1. To Study Of Anti-Virus Software Prepared By : Pradeep K. Rajyaguru 115030693013 Ankit K. Solanki 115030693041 Guided By: Prof. V.A. Gandhi B.H.Gardi College Of Engg. & Tech. Department of M.C.A.
  • 2. Topic to be covered • • • • • • • • • • • • • Introduction Malware Threats Type of Viruses Other Malwares Types of Attacks Anti-virus Recent Trends in Malware Threat Model Code Hiding Building Blocks Design Prototype Conclusion and Research
  • 3. Introduction • Internet is a collection of interconnected computers. People rely on the Internet to communicate, share files, for news, and most importantly for financial transactions. • Recent studies and researches show that a computer connected to the Internet may experience an attack every 39 seconds because of less awareness in people regarding attacks. • The war between virus creators and anti-virus developers started since the birth of the earliest viruses in eighties. • Any anti-virus software must perform three functions: detection, identification and Removal of malicious code. The goal of any virus writer is to design a virus that can evade detection.
  • 4. Continue... • When Virus found that, an anti-virus program is their biggest enemy they came up with the idea to screw the anti-virus program and paralyze the functions of the anti-virus system. How Anti-virus works
  • 5. Security in consumer computing • Consumer computers are very attractive to intruders because it’s fairly easy to gain access by number of online resources of hacking. • This enables hacker to use the compromised machine to easily steal secret data such as passwords to bank accounts, credit card numbers and social security numbers. • The compromised machines can also be made a part of a huge botnet that can be used to launch Denial of Service attacks on servers. • Software such as anti-virus solutions and firewalls offer some protection to users against attacks, however, they are not completely effective.The reason for this is that anti-virus relies on virus definitions and known behavioral patterns to identify malicious code.
  • 6. Malware Threats • Malware is short for "malicious software." Malware is any kind of unwanted software that is installed without your adequate consent. Viruses, worms, and Trojan horses are examples of malicious software that are often grouped together and referred to as malware. • Early days they were designed to cause disruptions but recent days they are designed to stealing secret information such as passwords, credit card numbers and social security numbers for providing some sort of financial gains for their developers.
Types of Virus
• Boot Virus: These viruses operate by infecting the Master Boot Record (MBR) of a PC. Example: ‘POLYBOOT.B’.
• Parasitic viruses / File Infectors: This type of virus attaches itself to files or executables, leaving the contents of the file unchanged.
• Date viruses / Logic Bombs / Time Bombs: These viruses reside in a machine and are triggered by some event such as a particular date or a day of the week. Example: ‘Sunday’.
• Macro Virus: These are programs that take advantage of the macro utilities built into programs like Excel and Word. Example: ‘Concept’ for Word 95.
Continue..
• Encrypted Virus: A virus whose body is encrypted. The virus carries the decryption key and a decryption engine within itself. This method is used to hide the virus body from signature detection. Example: ‘Cascade’.
• Polymorphic Virus: The same as an encrypted virus, but in addition it has a mutation engine that creates a new encryption scheme for every infection. Example: ‘1260’.
• Stealth Virus: This type of virus attempts to hide its presence by hooking some system calls. A recent worm called ‘Lion’ installs a rootkit and then makes various hooks and system modifications to prevent any scanner from detecting its presence.
Other Malware
• Trojan Horse: A program that enters a machine disguised as, or embedded inside, legitimate software. The Trojan looks harmless or interesting to the user, but is actually very harmful when executed.
• Worms: A computer worm is a standalone malware program that replicates itself in order to spread to other computers. Worms almost always cause at least some harm to the network.
• Rootkit: The term is derived from the UNIX term root. It is a malicious program that obtains administrator privilege and manipulates other processes in the system. It was designed to give administrator privileges to the attacker.
Types of Attack
• Social Engineering
• Mass E-Mailers
• Exploits of Software Vulnerabilities
• Phishing
• Pharming
Anti-virus
• Signature detection or Pattern Matching
• X-Raying
• Emulation
• Frequency Analysis
• Heuristics
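To make the encrypted-virus slide and the first three detection techniques concrete, here is an added toy scanner (not code from the slides or from any product). The signature, the "decryptor stub" and the file image are all constructed for the example; it shows why plain pattern matching fails on an XOR-encrypted body, how X-raying and frequency analysis still recover it, and the caveat that a single-byte XOR key does not change byte entropy.

```python
import math
from collections import Counter

# Constructed 13-byte signature used by the toy scanner. The bytes are
# made up for this example and do not belong to any real virus.
SIGNATURE = bytes.fromhex("deadbeefcafebabe0102030405")

def xor_bytes(data: bytes, key: int) -> bytes:
    """Single-byte XOR, the simplest 'encrypted virus' body transform."""
    return bytes(b ^ key for b in data)

def build_sample(key: int) -> bytes:
    """Constructed file image: a small plaintext decryptor stub (which
    carries the key, as the slide describes) followed by the XOR-
    encrypted body that contains SIGNATURE. Not real malware."""
    stub = b"STUB:" + bytes([key])
    body = b"\x00" * 24 + SIGNATURE + b"\x00" * 8 + b"constructed payload"
    return stub + xor_bytes(body, key)

def signature_scan(data: bytes, sig: bytes = SIGNATURE) -> bool:
    """Pattern matching: only finds the signature when it is in clear."""
    return sig in data

def xray_scan(data: bytes, sig: bytes = SIGNATURE):
    """X-raying: scan 'through' the encryption by trying every possible
    single-byte key and matching on the decrypted view. Returns the key
    that exposes the signature, or None."""
    for key in range(256):
        if sig in xor_bytes(data, key):
            return key
    return None

def frequency_guess_key(data: bytes, expected_most_common: int = 0x00) -> int:
    """Frequency analysis: XOR is a bijection on byte values, so the most
    frequent ciphertext byte is the most frequent plaintext byte (here
    0x00 padding) XORed with the key. One Counter instead of 256 scans."""
    top_byte, _ = Counter(data).most_common(1)[0]
    return top_byte ^ expected_most_common

def byte_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte. Caveat: a single-byte XOR key
    only permutes the byte histogram, so the entropy is unchanged;
    only real ciphers or packers push it towards 8.0."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())
```

A polymorphic sample would defeat this X-ray (the mutation engine changes the transform each infection), which is why the slides list emulation and heuristics alongside it.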
Recent trends in Malware
• Spam Thru Trojan
• Beast Trojan
Figure: Beast Trojan
Literature Review
• Secret Data Protection
  • Smart cards
  • Common Access Card
  • IBM's PCI Crypto Card
  • SET
• HD-DVD Encryption
• Distributed software for secret protection
• Software based approach for secret management
Code-Hiding
• Code Obfuscation
• Code hiding by malicious programs
  • Shadow Walker
  • SubVirt
  • Blue Pill
• Code Injection
Figure: Before Infection / After Infection
Threat Model
• Internet Threat Model
• Shortcomings of ITM
• Viral Threat Model
Figure: Internet Threat Model
Figure: Threat posed by malware
Building Blocks
• Injecting Code in the Logon process
  • Shortcomings
• Watch Processes
  • Shortcomings
• Install as a Different Process
  • Shortcomings
Figure: Watch process to monitor the anti-virus
Figure: Query results before camouflaging the anti-virus software
Figure: Query results after camouflaging the anti-virus software
Design
• Installing the Program
• Starting the Process
• Execution of the Process
• Watch Processes
• Shut Down Events
• Virus Definition Files
• Whitelists
• Storage of definition file
Figure: Storing image files
Prototype
• Placing start up information in a Windows system process
• Code Injection
  • Injecting Libraries
  • Injecting Code
• Overhead and Performance
Figure: System Overhead
Conclusion and Future Research
• In this research, an approach was presented to improve the reliability of the anti-virus process by hiding its presence from other processes on the machine, because once malware infects any process of the system, no component of a consumer computer can be trusted.
• To solve this problem, the approach changes the file name and the registry entry by installing the process under a different name. This helps in working around attacks that scan the registry entries and the file system to identify the anti-virus program.
• After this, the process was continuously migrated to different address spaces to avoid detection by any malware. By moving the code at regular intervals of time, a snapshot of running processes would not be very useful in killing the anti-virus process, as it would have migrated to another process space while the results of the snapshot are being calculated. Finally, multiple watch processes were installed to detect if the anti-virus program is shut down at any point of time.