VIRUSES and RELATED THREATS

Malicious Programs

Malicious Program
- Need Host Programs: Trapdoors, Logic Bombs, Trojan Horses, Viruses
- Independent: Bacteria, Worms

Virus

A program that is able to infect other programs by modifying them.

The Nature of Viruses
- Dormant Phase (idle phase)
- Propagation Phase (the virus places an identical copy of itself into other programs or system areas on disk)
- Triggering Phase (the virus is activated to perform its function)
- Execution Phase (the function is performed)

Virus Structure

Virus algorithm:

program V :=
{goto main;
    1234567;
    subroutine infect-executable-file :=
        {loop:
        file := get-random-executable-file;
        if (first-line-of-file = 1234567)
            then goto loop
            else prepend V to file;}
    subroutine do-damage :=
        {whatever damage is to be done}
    subroutine trigger-pulled :=
        {return true if some condition holds}
main: main-program :=
        {infect-executable-file;
        if trigger-pulled then do-damage;
        goto next;}
next:
}

Infection Process
[Figure: infection process, showing the virus CV and the programs P1, P1', P2, P2']

Types of Viruses
- Parasitic Virus (traditional and still the most common form)
- Memory-resident Virus (lodges in main memory)
- Boot Sector Virus (infects a master boot record (MBR) and spreads when a system is booted)
- Stealth Virus (a form of virus explicitly designed to hide itself from detection by antivirus software)
- Polymorphic Virus (a virus that mutates with every infection, making detection by the signature of the virus impossible)

Macro Virus
- A macro virus is platform independent
- Infects documents, not executable portions of code
- Easily spread, mostly by electronic mail

Antivirus Approach
The first solution is to prevent the virus from placing itself on the system.
The steps are:
- Detection
- Identification
- Removal
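
The three steps above, applied to the first-line marker check from the virus algorithm, as an added example that is not part of the original slides. The body of V is a constructed, inert placeholder, and the names KNOWN_BODIES, scan and the SHA-256 baseline of known-good files are assumptions made for the illustration.

```python
import hashlib

MARKER = b"1234567"  # infection marker from the slide's pseudocode
# Constructed, inert stand-in for the prepended body of V (assumption).
KNOWN_BODIES = {"V-demo": MARKER + b"\n# inert placeholder for V\n"}

def detect(data):
    """Detection: the first line of the file equals the marker."""
    return data.split(b"\n", 1)[0].strip() == MARKER

def identify(data):
    """Identification: name the known body that is prepended, if any."""
    for name, body in KNOWN_BODIES.items():
        if data.startswith(body):
            return name
    return None

def remove(data, name):
    """Removal: strip the prepended body, leaving the original program."""
    return data[len(KNOWN_BODIES[name]):]

def scan(files, baseline):
    """Map each path to (status, restored bytes or None).
    A repair is accepted only if the restored bytes match the SHA-256
    digest recorded in baseline for the known-good original."""
    report = {}
    for path, data in files.items():
        if not detect(data):
            report[path] = ("clean", None)
            continue
        name = identify(data)
        if name is None:  # marker seen, but the body is not one we know
            report[path] = ("quarantine: unknown variant", None)
            continue
        restored = remove(data, name)
        ok = hashlib.sha256(restored).hexdigest() == baseline.get(path)
        report[path] = ("repaired", restored) if ok else ("quarantine: restore unverified", None)
    return report

# Constructed sample files (inert text, not real executables).
P1 = b"print('program one')\n"
P2 = b"print('program two')\n# 1234567 appears here, not on line 1\n"
FILES = {"p1": KNOWN_BODIES["V-demo"] + P1, "p2": P2,
         "p3": MARKER + b"\n# different body\n" + P1}
BASELINE = {"p1": hashlib.sha256(P1).hexdigest(), "p2": hashlib.sha256(P2).hexdigest()}

if __name__ == "__main__":
    for path, (status, _) in scan(FILES, BASELINE).items():
        print(path, "->", status)
```

The p3 case shows why identification is a separate step from detection: the marker matches, but the prepended body is unknown, so the file is quarantined rather than stripped blindly.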
