Computer
virus
In computer security technology, a virus is a self-replicating
program that spreads by inserting copies of itself into
other executable code or documents (for a complete definition:
see below). Thus, a computer virus behaves in a way
similar to a biological virus, which spreads by inserting
itself into living cells. Extending the analogy, the
insertion of the virus into a program is termed infection,
and the infected file (or executable code that is not
part of a file) is called a host. Viruses are one of
the several types of malware or malicious software.
In common parlance, the term virus is often extended
to refer to computer worms and other sorts of malware.
This can confuse computer users, since viruses in the
narrow sense of the word are less common than they used
to be, compared to other forms of malware such as worms.
This confusion can have serious consequences, because
it may lead to a focus on preventing one genre of malware
over another, potentially leaving computers vulnerable
to future damage. However, a basic rule is that computer
viruses cannot directly damage hardware, only software
is damaged directly. The software in the hardware however
may be damaged.
While viruses can be intentionally destructive (for
example, by destroying data), many other viruses are
fairly benign or merely annoying. Some viruses have
a delayed payload, which is sometimes called a bomb.
For example, a virus might display a message on a specific
day or wait until it has infected a certain number of
hosts. A time bomb occurs during a particular date or
time, and a logic bomb occurs when the user of a computer
takes an action that triggers the bomb. However, the
predominant negative effect of viruses is their uncontrolled
self-reproduction, which wastes or overwhelms computer
resources.
Today (as of 2005), viruses are somewhat less common
than network-borne worms, due to the popularity of the
Internet. Anti-virus software, originally designed to
protect computers from viruses, has in turn expanded
to cover worms and other threats such as spyware.
Definition
A virus is a type of program that can replicate itself
by making (possibly modified) copies of itself. The
main criterion for classifying a piece of executable
code as a virus is that it spreads itself by means of
'hosts'. A virus can only spread from one computer to
another when its host is taken to the uninfected computer,
for instance by a user sending it over a network or
carrying it on a removable disk. Additionally, viruses
can spread to other computers by infecting files on
a network file system or a file system that is accessed
by another computer. Viruses are sometimes confused
with worms. A worm, however, can spread itself to other
computers without needing to be transferred as part
of a host. Many personal computers are now connected
to the Internet and to local-area networks, facilitating
their spread. Today's viruses may also take advantage
of network services such as the World Wide Web, e-mail,
and file sharing systems to spread, blurring the line
between viruses and worms.
Anti-virus software and other countermeasures
Many users install anti-virus software that can detect
and eliminate known viruses after the computer downloads
or runs the executable. Some virus scanners can also
warn a user if a file is likely to contain a virus based
on the file type; some antivirus vendors also claim
the effective use of other types of heuristic analysis.
Some industry groups do not like this practice because
it often increases the number of false positives the
anti-virus software detects. They work by examining
the contents of the computer's memory (its RAM, and
boot sector) and the files stored on fixed or removable
drives (hard drives, floppy drives), and comparing those
files against a database of known virus "signatures".
Some anti-virus programs are able to scan opened files
in addition to sent and received emails 'on the fly'
in a similar manner. This practice is known as "on-access
scanning." Anti-virus software does not change
the underlying capability of host software to transmit
viruses. There have been attempts to do this but adoption
of such anti-virus solutions can void the warranty for
the host software. Users must therefore update their
software regularly to patch security holes. Anti-virus
software also needs to be updated in order to gain knowledge
about the latest threats and hoaxes.
|
.