Title:Computer virus and PreventionIn therecent years, through the transmission of e-mail, virus has becomethe biggest hazard to the development of the network industry. Since the pastfew years, a wide range of viruses have been spread through internet. As theinternet is becoming a global tool, the virus is also becoming a global troublemaker, and system killer. Compared with the traditional virus, the virusesspread through the network, especially the e-mail, shows faster speed and morepowerful lethality. On the basis ofanalyzing the characteristic of the computer virus in the informationtechnology age, the effective way of preventing virus will be discussed.
1 The Generation of Computer VirusThe generation of computer virus is the inevitableproduct of the development of computer technology and the process of computerbased social information development to a certain stage. The background is: 1.1 Whatis computer virus?Computer virus is a new form of high technology crime,which is instantaneous, dynamic and random. It isessentially difficult to obtain evidence, and it can damage the computerdramatically. Because it has small risk and huge damage, it irritates the crimeconsciousness and criminal activity. It reflects some people’s mischievous andretaliatory mindset in the field of computer application.
1.2 TechnicalreasonThe technical reason is the vulnerability of thesoftware and hardware of the modern computer. The software could be easilydeleted or rewritten. And, the manual way to design the computer software isinefficient and not secured, due to its long production cycle.
Designer have noway to know whether there is any mistake in the program before the program isin operation. The mistake could be modified only in the operation. Designershave no idea how many errors and defects are hidden in the program. Thosevulnerabilities provide a tunnel for the invasion of the virus.1.3 EnvironmentThe popularization of computers is the necessaryenvironment of the generation of computer virus. The hardware of most of themodern computers is simple, and the operation system is highly transparent.
Dueto the lack of security, more and more users are able to understand clearly theshortcoming of the computer. They could makedifferent attack choices based on different purposes.2 Properties of computer virusComputer virus can be hidden in computer storagemedium (the hard drive) or program. When certain condition is qualified, thecomputer virus is activated by some program, or instructed remotely to destroycomputer resources. The computer virus is a small program, but it is differentfrom the computer program with some unique characteristics2.1 Parasitism:computer virus is parasitic in another program.
When executing this program,the virus will begin to destroy; however, it is not easy to be detected beforeit starts.2.2 Infectivity:computer virus can not only destruct, but also infect.
The infection speed ishard to contain once the virus is produced and duplicated. In the biologyworld, virus spread from one organism to another through infection. Underappropriate conditions, it can be reproduced in large quantities, and wellsmake the infected organisms show illness or even death. Similarly, computerviruses will spread from infected computers to non-infected computers throughvarious channels.In some cases, the infected computers will be in disorder or evenparalyzed. Unlike the biological virus, a computer virus is a piece of humangenerated computer program, that can be transferred to other computers. Oncethe program is executed, it will search for other program or storage mediumcontaining infectious conditions.
It will determine the target and theminsert its own code into another programto achieve the purpose of self reproduction. If a computer is infected, if itis not processed in time, the virus will spread quickly on this machine, and alarge number of files (usually executable files) will be infected. The infecteddocuments have become a new source of infection, and then infect other machinesor contact them through the network, the virus will continue to spread. Normalcomputer programs generally do not connect their own code to other programs.The virus can force its own code to infect all non-infected programs. Computerviruses can infect other computers through various possible channels, such as USB,and computer networks. When a computer virus is found on a machine, the carrierthat is used to transfer files is also infected. Other computers that are in the same networkas the infected computer may also be infected by the virus, too.
Whether it iscontagious or not is the most important condition for judging whether a programis a computer virus. 2.3 Latency: someviruses, like a time bomb, make it predesigned at any time. For example, theblack Friday virus can’t be detected at any time before the scheduled time.When the condition is available, it will explode at once and destroy thesystem. A compilation of sophisticatedcomputer virus program, enter the systemafter the general can not immediately attack, in a few weeks or months or yearshidden in the legal document, to spread to other systems, without being found,latent in the system is better, the time will be longer, infectious the greaterthe scope will be virus.
The first kind of latent virus program refers to, nospecial test procedure is not check out, so the virus can quietly hide in thedisk as carrier for a few days, or even years, once the time is ripe, it willget a chance to run, reproduce and spread, continue to damage. The secondmanifestation of latency is that there is usually a trigger mechanism insidethe computer virus. When it does not meet the trigger condition, the computervirus will not destroy anything besides infection. Once the trigger condition issatisfied, some display information, graphics or special marks on the screen,others perform operations that destroy the system, such as formatting disk,deleting disk files, encrypting data files, blocking keyboards, and locking thesystem.2.4 Hidden: computervirus has a strong concealment, some can check out the virus software, and somesimply do not check out some hidden, constantly changing, this kind of virustreatment usually very difficult.
2.5 Destructiveness:when a computer is poisoned, it may cause the normal program to be unable torun, delete the files in the computer or be damaged in varying degrees.2.6 Triggering: avirus, due to the occurrence of an event or value, enticing the virus to carryout infection or attack is called triggering. In order to concealment, thevirus must lurk and do less. If it is completely inactive and lurking, thevirus can neither infect nor destroy it, and it loses its lethality. The virusneeds to be hidden and killed, and it must be triggered.
The triggeringmechanism of a virus is used to control the frequency of infection anddestruction. The virus has a predetermined trigger condition, which may betime, date, file type, or certain data. When the virus is running, the triggermechanism checks whether the predetermined conditions are met, if it satisfies,it starts the infection or destruction action, so that the virus is infected orattacked. If it is not satisfied, the virus will continue to lurk.3 The most common computer virusand their forms at present (for Windows only) TODO4 Computer Virus Precaution strategyThemost important hardware and software entities in the computer network areservers and workstations. Therefore, the server and the workstation should beconsidered the first for prevention and control of computer network viruses. Onthe other hand, strengthening comprehensive control is also important.
Thenetwork server is the center of the computer network, and it is the backbone ofthe network. One of the important signs of network paralysis is the paralysis ofthe network server. Once the network server is knocked down, the loss iscatastrophic, irretrievable, and inestimable.
4.1 Preventionof local area network virus: virus prevention has became a very important partof the daily management of the local area network (LAN) in the company, due tothe huge number of computers in LAN and the users are on different level ofanti-virus. Therefore, the prevention of computer virus should qualify thefollowing aspects4.1.1 It is essential to select the anti-virus softwareapplication and update the virus database.4.1.
2 Install all kinds of patches, timely installation ofvarious patches is also very important4.1.3 Standardize the use of electronic mail.4.1.4 Do backup forwork and data. To a company, the most important part should be the files anddata in the storage4.
1.5 Isolate the infected computer4.2 Preventionon the user end4.2.1 Pay attention to the attachment of the mail as much aspossible. 4.
2.2 Always in a set of anti-virus software. 4.2.3 Pre scan the accessories before opening any attachment4.2.4 Pay attention to the file extension. Windows allowsusers to use multiple extensions when naming files, but many e-mail programsdisplay only the first extension.
This will camouflage the virus.4.2.5 Do not run unknown program4.2.6 Never blind forward any email4.2.
7 Blocking system vulnerabilities. Many network virusesare now spread with Microsoft’s IE and Outlook’s vulnerabilities.4.
2.8 Don’t take the documents casually. Try not to acceptfiles from strangers in the online chat system, such as Skype or Facebook.4.2.9 Do automatic virus check to ensure that the computerwill do automatic virus check on the inserted plug and play media, as well ase-mail and internet files.4.3 Computernetwork security strategy4.3.1 Computernetwork security strategy: TODO4.3.2 Access control:TODO4.3.3 Informationencryption strategy: TODO