2010年8月7日星期六

The characteristics of computer viruses

Computer viruses generally have the following characteristics:

1. Procedural computer virus (enforceability)
Computer viruses and other legal procedures, is a executable program, but it is not a complete program, but the parasite in other executable programs, so it can be to enjoy all the power program. The virus is running, and the due process right to fight for control of the system. Computer viruses only when it can be run in the computer only when such activity is contagious and destructive. That is control of the computer CPU is the key issue. If the computer is running in normal program control, without running the program with a virus, then this computer is always reliable. In this computer you can see the virus file name, see computer virus code, print the virus code, or even copy-virus program, but had not infected with the virus. Anti-virus technology is all day to work in such an environment. Although their computer and there are also a variety of computer virus code, but has been set under the control of these viruses on the computer will not run the virus program, the entire system is safe. Instead, computer virus, once run on a computer, the virus in the same computer program and the normal system procedures, or some viruses and other virus programs often compete for the right of the system control will result in system crash, leading to the computer Tan Huan. Anti-virus technology is to be achieved in the control of computer systems, identify the code and behavior of computer viruses, prevent it from obtaining control of the system. Advantages and disadvantages of anti-virus technology is embodied in this regard. A good anti-virus system should not only be able to reliably identify the source of known computer viruses, prevent or bypass to run out of their control of the system (to achieve safe lifting, running an infected program), should also identify unknown computers the behavior of the virus in the system, to prevent its spread and damage the system action.

2. Infectious virus

The basic characteristics of infectious virus. In biology, the virus spread through the transmission from one organism to another organism. Under the right conditions, it get a lot of breeding, well so be infected organisms showed disease or even death. Similarly, computer viruses will be through various channels from the infected computer to spread to uninfected computers, in some cases caused the infected computers or even paralyzed the work of disorders. Unlike biological viruses, computer viruses are man-made preparation of a computer program code, this code into the computer Yidan well implemented, it will search for other infectious conditions Fuge its procedures or storage medium, target and then to their own insert the code in which to achieve the purpose of self-reproduction. As long as a computer exposure, if not in time, then the virus will spread rapidly that machines in which a large number of files (usually executable file) will be infected. The infected file has become a new source of infection, and then exchange data with other machines or through a network of contacts will continue to spread the virus.
Normal computer program generally will not impose its own code to connect to other programs above. The virus is transmitted can impose its own code to meet all the conditions of its transmission by the transmission process is not over. Computer viruses can be possible through various channels, such as floppy disks, computer networks to spread to other computers. When you find a machine with a virus often has been used in this computer's floppy disk has been infected with a virus, but with this machine networked with other computers may also be infected with the virus. Determine whether a program is contagious is whether the most important conditions for computer viruses.
Virus program by modifying the contents of the disk sector information or documents and to embed itself into one of the ways to achieve the mode of transmission and spread. Is embedded in the program is called the host program.

3. The latent virus

A preparation of sophisticated computer virus program, normally does not enter the system immediately after the attack, for several weeks or months or even years hidden in legal documents, spread to other systems, not to be found that the more latent Well, its presence in the system time will be longer, the greater the range of the virus infection.
The first performance of latent means, the virus program without specific testing procedures are not out of checks, so the virus can hide in silence the disk or tape to stay a few days or even years, when the time comes, get the opportunity to run , but also everywhere on the propagation, diffusion, continue to harm. The performance potential of the second refers to the internal computer viruses often have a trigger mechanism, does not meet the trigger conditions, in addition to transmission of computer viruses do not do any damage outside. Once the trigger conditions are met, some of the screen display information, graphics, or special identification, while others undermine the operation of the system implementation, such as formatting the disk, delete the disk file, on
Data file to do encryption, block keyboard and make the system deadlock so.

4. Computer viruses can be triggered
Virus due to the emergence of an event or value, inducing the implementation of infection or virus attacks can be triggered as the characteristics. To cover themselves, the virus must be latent and less to do action. If we do not move, it has been latent virus infection also can not can not be destroyed, they lost the lethality. We must also maintain the virus hidden lethal, it must have be triggered. Viruses trigger mechanism is used to control infection and destruction of movement frequency. Virus with a predetermined trigger conditions, these conditions may be the time, date, file type, or some specific data. The virus runs, the trigger mechanism checks whether the conditions intended to meet, if met, start the infection or destruction of movements to virus infection or attack; if not satisfied, so the virus continues to lurk.

5. Destructive computer viruses
All computer viruses are a kind of executable program, and this is bound to run another executable program, so the system is concerned, all the computer viruses are a common hazard exists, that reduce the efficiency of computer systems, taking up system resources, their invasion of the system depending on the virus program.
At the same time destructive computer virus computer virus designer depends on the purpose, the purpose of the designer if the virus is completely destroyed the normal operation of the system, then the virus attacks the computer system is difficult to imagine the consequences, it can destroy the system, part of the data, it can destroy all the data and make it unrecoverable. However, not all viruses are bad on the system to produce an extremely destructive. Sometimes there is not much damage some of the role of cross infection can lead to system crashes and other major consequences.

6. Attack of the initiative
Virus attacks the system is active, not to man's will transfer. In other words, from a certain extent, the computer system regardless of how strict conservation measures taken can not completely rule out the virus attacks the system, while the protection is at best a means to prevent it.

7. Targeted virus
Computer viruses are specific for a particular computer and operating system. For example, for the 1BM PC and compatible machines, the company targeted App1e Macintosh, and also for the UNIX operating system. For example, the virus is a small ball and compatible for the IBM PC, the DOS operating system.

8. Viruses and unauthorized
Virus unauthorized execution. The normal procedure is invoked by the user, then the allocation of resources by the system to complete tasks assigned by the user. The purpose of the user is visible and transparent. The virus has all the characteristics of the normal procedure, it hides in the normal procedure, when the user invokes the normal program to steal control of the system, before normal program execution, the virus moves, the purpose of the user is unknown, is without the user allowed.

9. Hidden nature of the virus
Viruses are generally very high programming skills, dapper procedures. Usually attached to the normal procedure in a more secluded place or disk, there are individual to the form of hidden files. Purpose of its presence from users. If you do not read the code of the virus program with the normal procedure is not easy to distinguish between the. No protective measures usually the case, the computer virus program gets control over the system, you can in a very short time Zhuanrantailiang program. And infected, the computer system is usually able to function properly, so users do not feel any unusual, if not been what occurred in the computer. Imagine if the virus spread to the computer, the machine immediately not work correctly, it can not continue with their infected. It is because of hidden, computer viruses can be detected in case the user does not spread, and loitering in the world millions of computers.
The reason why most of the virus code is designed to be very short, but also to hide. Virus generally only a few hundred or 1K bytes, and PC-DOS files on the access speed of up to several hundred KB per second or more, so the virus can be instant attach this short a few hundred bytes to the normal procedures in, it was very difficult to detect.
Computer virus hidden in two ways:
The first infection of secrecy when the majority of the virus during transmission speed is very fast, usually does not have an external performance can not easily be found. Let us assume that if a computer virus when infected with a new program in the screen displays a message "I am a virus program, I want to do bad things," and then the virus has long been brought under control. Some viruses do, "the courage to expose themselves," the screen from time to time certain patterns or information, or play some music. Often at this time there are many within that computer viruses copied. Many computer users have no concept of computer viruses, not to mention the psychological guard. They see these new screen display and sound, thought it was from the computer system, unaware that the virus is damaging computer systems, are creating a disaster.
Second, the existence of hidden virus programs, virus programs are generally caught in the normal procedure are difficult to discover, but once out of the virus attack, computer systems often have to create a different degrees of damage. Virus-infected computers in most cases able to maintain some of its functions 下, not as an infected virus, Zheng Taiwan computer can not be started up, Huozhe a Chengxuyidan infected by the virus Suo, was not to be Sun Huai Yun Xing, and If this occurs, the virus also can spread in our world. Computer virus designed compact between is here. Normal procedure by computer virus infection, its original functions are largely unaffected, the virus code attached thereon, managed to survive, have to constantly De Yun Xing chances to spread out more of the Fu Zhi body, and Zheng Chang procedures Zhengduoxitong The control and disk space, and constantly to undermine the system, leading to paralysis of the entire system. The virus code is designed to be very clever but short.

10. Virus derivative
This feature provides for some busybody brings a new virus to create a shortcut.
Analysis of the structure of known computer viruses, the damage spread partly reflected the designer's design thinking and design purposes. However, this principle can be other people to master their own attempts to carry out any changes, which in turn derived from a different original version of the new computer virus (also called variants). This is the derivative of computer viruses. The consequences of such variants may be much more serious than the original virus.

11. Parasitic virus (dependent)
Virus program embedded into the host program, depends on the survival of the host program's implementation, which is a parasitic virus. Virus program to invade the host program, the general procedures of the host to be modified, once the host program execution, the virus program is activated, which can self-replicate and reproduce.

12. Unpredictability of the virus
Detection of the virus from the point of view, viruses are unpredictable. Different types of viruses, they code vary, but some operations are shared (such as in memory, change interrupt). Some people use this common virus, making the claim that they could search for all viruses. Such a procedure can indeed identify a number of new viruses, but the current type of software is extremely rich, and some also use a similar normal operation of the virus even borrowed some of the virus technology. Use this method to detect the virus is bound to lead to more false positives. And viruses are constantly improving production technology, virus anti-virus software is always ahead. A new generation of computer viruses and even some basic features are hidden, and sometimes the change by observing the length of documents to determine. However, the virus can also be updated on this issue blind users, they use files to store its own code gaps, to file the same length. Many new viruses deformation is adopted to avoid inspection, and that became the basic features of Xinyi Dai Ji Suanji virus Di.

13. Deceptive computer virus
Computer viruses secretive, unresponsive to their computer, often to the fact that the virus causing the error as accepted, so it is easy to be successful.

14. Persistent virus
Even after the virus program has been detected, data and programs as well as the operating system is very difficult to restore. Especially in network operating conditions, because the virus program from a copy of infection spread through the network repeatedly, making the virus removal process is very complex.

没有评论:

发表评论