Assignment 7-1: Software Paper
Antivirus Software
By Dan Rowley
As technology has grown over the past forty years, certain aspects of technology have become an absolute necessity in today’s business world. The ever-changing face of the IT industry has made life much easier at work and at home. However, the history of time tells us that people who have no life and way to much time on their hands looking to make a name or those who want to make money off others will exploit any successful invention.
Either way, the computer virus has inflicted a major amount of damage in down time, which has cost corporations millions. The purpose of this paper is to give some insight to the evolution of the anti-virus software, as well as, a look at the functionality that makes it work. What does the future hold for this technology? We’ll discuss all of these points.
The story of anti-virus software is actually one where the cart comes before the horse. In other words, the virus comes into technology before a variety of software is developed to combat the problem. To understand the evolution of anti-virus software, we must first examine the computer virus itself.
According to Anti-virus World: “Going back to the origin of viruses, it was in 1949 that Mathematician John Von Neumann described self-replicating programs which could resemble computer viruses as they are known today. However, it was not until the 60s that we find the predecessor of current viruses. In that decade, a group of programmers developed a game called Core Wars, which could reproduce every time it was run, and even saturate the memory of other players' computers.” (Anti-virus World, 2003).
The “Reeper” is created as the first known anti-virus to combat a virus at the time named “Creeper” in the early 70’s. The Creeper would enter a network via modem. The early 80’s brought on the first virus to cause damage via an operating system. “Apple Viruses 1, 2, and 3 are some of the first viruses "in the wild," or public domain.”(Computer Viruses,2005). In 1981, this virus was found on the operating system of the Apple II. The virus initiated at Texas A&M University. The use of pirated video games helped to spread the virus.
In 1983, Fred Cohen coins the phrase computer virus. This is the first public acknowledgement that such a condition exists. From this point on, the floodgates are opened wide. The viruses become more sophisticated and complicated. For example, “In 1986, the first PC virus was created. It was the Brain virus from Pakistan. Brain was a boot sector virus and only infected 360k floppy disks. Interestingly, even though it was the first virus, it had full-stealth capability.” (IBM, 2005).
Brian left a lasting impression. Following Brian, the author’s of new viruses found out that attacking files could be the most damaging to a system. In 1988, the Jerusalem virus was the first of many viruses to have the ability to reach a large number of computers include business, personal, ect. “Activated every Friday the 13th, the virus affects both .EXE and .COM files and deletes any programs run on that day” (Computer Viruses, 2004).
Today, there are many ways to introduce electronic infection to a computer. The most common are the following:
In the past 6 years, viruses have made major strides in maximum damage. The Melissa virus of 1999 used an e-mail type virus. However, Melissa was sent as an attachment inside an e-mail. Melissa could also infect other attachments such as word documents, etc. At the time, Melissa was the fastest spreading virus of all time. Many large corporations, including Microsoft, had to completely shut down their e-mail servers.
The I Love You virus of 2000 had very similar consequences as Melissa. I remember the I Love You virus of 2000. The message line “I Love You” would show up in the subject line. “The virus comes as a VBS attachment and deletes files, including MP3, MP2, and JPG. It also sends usernames and passwords to the virus' author.”(Computer Viruses, 2004). This particular virus shut down the corporation by 11 a.m. that day due to problems with e-mail server and system in general. The cost to our company was substantial.
I’ve chosen to show the functionality of Norton. During a scan, Norton Anti-Virus searches memory, selected drives, and boot area for signs of a virus in the form of signatures or patterns. The virus is identified by definition files, which are updated on a daily basis. Each new definition will be added to the current list by Norton to ensure the most current list. When the scan disk button has been pressed on the computer the following will be scanned:
Memory:
First, the computer's memory is searched. A virus may reside in a program, boot sector, or macro. “Memory resident have copied themselves into a computer's memory. In memory, a virus can hide until a trigger event occurs. Then the virus can spread to a floppy disk in the disk drive, or to the hard drive.”(Norton, 2005). Even though a virus exiting in memory cannot be cleaned, rebooting and starting the scan over will remove it.
Boot area:
Next, two items in the boot areas are checked master boot record and partition tables.
Floppy drive:
Then, the floppy disk is scanned. The floppy disk is very susceptible to a virus when left in the drive during shutdown or reboot. Norton will check the disk for possible virus. If a floppy disk is left in the drive when shutting down the computer, a message will prompt you to remove the disk.
Selected files:
Finally, Norton will check all files on the hard drive to see if a virus patterns or signatures exist within a file. If a virus is found, the program will try to clean the virus. If all attempts to fail, Norton will quarantine the file preventing further damage. At end of scan, the program will give a list of viruses found and options on actions may be taken.
Due to the increased demand for virus protection, the first large company to develop an anti-virus software is developed. The Symantec Corporation introduces a product called Norton Anti-Virus in 1990. This is the first software product to be produced to a large-scale market specifically for the threat of viruses.
Many companies followed Symantec’s lead including McAfee and F-Prot. The computer virus epidemic across the world shows no sign of letting up. In 2005, the anti-virus software industry is a billion plus dollar a year industry.
Future
Ironically, this software will never be obsolete. There are two reasons why this true. First, the hackers of the world feel like they have something to prove. As soon as one fix is created, another virus is created. The second is a much more sinister reason. As with spy-ware, anti-virus is a multi-million dollar business. My personal opinion is that software companies hire individuals to create new viruses. Because this is a lucrative business, the cycle will always continue. There is way too much money to be made.
Reference: