
Term Paper

Milestone 3
Team 17
Jacob Lafferty
Nathan Abir
November 17, 2013

Abstract
As the popularity of the personal computer in commercial, government
and personal settings continues to grow and information becomes more and more extensive, it
is important to understand the threat of computer viruses to security. The days are gone when the
only threat to computers was physical harm through theft or destruction of hardware. The
modern era has brought the world into an online medium which is at risk, just as much as it is
useful and imperative to the function of society. Connectivity between machines creates an open
field where varying types of information are the prey to be hunted and stolen. It is important for
computer owners to understand what problems computer viruses can create for them and how
they can take action to defend themselves from an ever changing threat. Knowledge of how these
viruses work, how they have evolved over time, and how they will continue to evolve is the key
to safeguarding information for the good of the online world. The following report contains
discussion on the brief history of computer viruses, the current and future development of
viruses, and countermeasures to defend against them on the individual level.

Introduction

The world has always experienced crime and the world of computers and the Internet is
no exception. Since the early 1980s computer viruses have been a significant issue for anyone
using a computer whether for commercial, government or private use. Nowadays with more and
more sensitive information being transmitted over the internet it has become even more
important to protect that information from those who would steal it and use it for malicious
purposes. Computer viruses were the first major method of compromising computers and still
play a major role in being used to attack computers today. We will discuss what computer viruses
are and the different types of viruses, the history of viruses and of the problems they cause, the
countermeasures that have been developed to deal with computer viruses and the future of
viruses and the ways to deal with them.

Implications and Applications in Security


The implications of viruses are fairly obvious: as more information has
migrated to computer networks and onto the internet, that information has come to be perceived as
valuable. It also means that there are those who would like to steal that information or take
control of those computers for their own personal gain. Whether it is China or another country
trying to compromise the network security of the CIA or a crime group trying to hack the
computers of a major bank in order to obtain sensitive financial information, it is clear that
viruses have become a major method of attacking the technology that our society has developed.
As we have entered the so-called information age, methods to illicitly obtain that
information, such as viruses, have thrived and continue to grow on a daily basis. The application
of this is that people who have a vested interest in network and computer security can learn how
to better protect their assets and take countermeasures against viruses. In the continual fight to
protect networks we can learn what virus methods have been developed, how they have
been used successfully in the past, and whether there is a way to permanently protect computers or whether it
will just take constant vigilance and attention to detail when designing operating systems and
firewalls.

Current and Future Developments


Current developments in the design of viruses are focused more on the ongoing race
between hackers and individuals or companies trying to secure their computer networks from
being infected, as well as the race between those same hackers and the anti-virus industry. A
number of factors make viruses a large and ongoing problem in our current time
period. Viruses today are having success by using new methods of infecting computers as well as
combining multiple infection vectors in order to increase the likelihood of successful infection.
Also, as software continues to develop and become more complex, it becomes increasingly
difficult to perfectly secure a new operating system or software application. In fact, vulnerabilities
that have been apparent for over a decade are still exploited today because of how difficult it is to
close each of those vulnerabilities. Also, the average user currently takes a more lax approach to
protecting their computers from viruses, so that when companies release a patch aimed at fixing
vulnerabilities the user does not install the patch in a timely fashion, if at all. These factors make
viruses a continued issue in computer security today and are part of the reason why we foresee it
being a problem in the near future as well. In our current situation, possible solutions that could
help alleviate the situation could be better informing end users as well as better patching at
the beta stage of testing new software, so that it is less necessary to even have users patch their
computers. Also, a possible, though difficult to implement, solution to complex programs and the
difficulty of having no vulnerabilities in software could be a system of piece-by-piece programs that
are developed separately but connected together like a puzzle to form the final software or
operating system. The rationale behind this is that these pieces of the final software are smaller
and less complex than the final OS, and so it is easier to identify whether they have vulnerabilities so
that those cannot be exploited. Ultimately, viruses remain a large aspect of the computing
landscape and look to continue to be important in shaping network security in the future.
The future of computer viruses is ever changing. Viruses started with writers who merely created
something just to see if they could or to have fun. Since then, viruses have grown into a tool of
criminal activity for the sake of money. Yet, there is no way to stop viruses at the current time.
Malware and anti-virus software are like a never-ending game of tug-of-war. As one grows and
expands, the other is forced to adapt. And as the connectivity of the world increases, with more
and more devices becoming connected to each other and the Internet, it only adds another target
for computer viruses. The unknown future is the scariest part of malicious code.
Not only are they used for crimes just to steal some fast money; viruses are growing into a huge
threat to national security. Cyber warfare is one of the fastest growing threats of the current age.
At any given moment, the United States government is being bombarded with cyber-attacks from
all over the world. As computer viruses become more and more complex, their threat increases
and is a huge problem for governments of the world. In this age of technology, viruses and cyber
warfare are the greatest weapons that we wield. They could easily become one of the most
destructive tools in any arsenal.

Literature Review

The Evolution of Viruses and Worms


http://vxheaven.org/lib/atc01.html
Summary: Computer viruses are defined by the fact that they can self-replicate. Computer
viruses are like biological viruses in that they are not active unless they are in a host program or
document. Computer viruses boil down to two subroutines. The first is how the virus infects other
programs and computers to copy the virus. The second subroutine is the payload, or what the
virus does to its host; examples include attacks on antivirus software, deletion of data, and
installation of backdoors. The first viruses were boot-sector viruses and targeted MS-DOS
computers. The idea of self-replicating programs dates back to 1949 and was the precursor to
viruses. In 1983, Fred Cohen made the first computer virus, which was shortly followed by the
DOS-based Brain virus of 1986, which was unique in how it attempted to conceal its presence on
infected computers. In 1987, the Christma Exec virus was one of the first viruses to be
primarily spread by email. In the 1990s, the move from targeting DOS to targeting
Windows, cross-platform macro viruses, polymorphic viruses and the use of email as the primary
method to infect computers became the growing trends. Encryption began to be used to change
the virus's appearance as a response to anti-virus scanning for virus signatures. Polymorphic
viruses appeared in 1989 and took this idea further in that when the virus replicated it inserted a
pseudorandom number of extra bytes into a decryption algorithm that in turn decrypted the virus
body. This became a wider spread problem in 1992 when a Mutation engine was developed to
provide any virus with polymorphism. Virus creation toolkits were soon made that allowed
hackers who had little programming ability to generate hundreds of viruses. One product of these
toolkit viruses was the 2001 Anna Kournikova virus. 1995 saw the advent of macro viruses as
the Concept virus spread across Windows 95 Word. Macro viruses are characterized by how
easy they are to write and by being cross-platform. Mass-emailer viruses became widely used from 1999 to
the late 2000s. March 1999 saw the Melissa macro virus spread to 100,000 hosts in three days
and highlighted the misconception that a computer couldn't be infected by a virus if you just
opened an email. The Bubble Boy virus of 2000 showed how a computer could be infected by just
previewing an email. Modern viruses have continued today and are characterized by blended
attacks, attempts at new infection vectors, dynamic code updating via the internet, dangerous
payloads and attacking antivirus software. There has been a trend of moving from viruses to
computer worms which are almost identical to viruses except that they do not need to attach
themselves to an existing program. The article concludes that new virus and worm outbreaks
should be expected in the future, software will continue to have vulnerabilities, new worms and
viruses appear soon after vulnerabilities are discovered, viruses have been successful in using
new infection vectors and future worms and viruses will see a rapid succession of variants which
increases the chances of success.
Criticism: The article "The Evolution of Viruses and Worms" is very accurate and provides a
lot of information on what exactly viruses are defined as and how they have progressed in past
decades. This source was very effective and thorough for multiple reasons. A major strength of
this source was that it was a comprehensive history of viruses and provided detailed information
on how viruses have changed in design and application as well as how we may expect them to
develop in the future. The source provided multiple direct examples of viruses that have
influenced the growth and change in the design of other viruses. The significant weakness of this
work is that it had a specific emphasis on the development of worms, which, while similar in
design to viruses, have a few key differences and are not an aspect of our topic; this made a
significant amount of the information in this source less relevant and useful. The second
significant weakness that this source has is that it only provides information on viruses up to
2004 and is now 9 years old. We can overcome the primary weakness of this source by
understanding the differences between viruses and worms and using the information that
overlaps and is relevant while disregarding the unnecessary information. And we can overcome
the secondary weakness that this source has by supplementing this source with other detailed
sources that provide information on how viruses have changed and developed in the past 10
years. In summary, this article is a very useful and accurate source with a few weaknesses that
can be addressed through supplementing this source with other, more recent sources.
Future
http://www.securitymanagement.com/article/car-viruses-and-other-future-computer-relatedthreats
This source discusses the growing threat of future viruses aimed at more than just desktop
computers. Cars rely on a number of computer chips that assist your driving by evaluating road
conditions and helping your brake and steering systems to safely stop. David Friedlander, a
senior analyst with Forrester Research, said in a report that in the next few years we can expect
to see many devices, from vehicles to machinery, be at risk of computer viruses, and that they will need
to be managed just as traditional computers need to be managed and protected. As more and
more devices, such as GPS systems, are connected to the Internet or each other, the
risk of their being targeted by future viruses in development increases. For example, devices in the field
of medicine are beginning to be connected and share data with other devices and networks.
However, it is not only cars that may be at risk in the future. Tech experts foresee future threats
for any form of embedded computing devices. Malicious code has begun to be aimed at
wireless devices such as tablets, cell phones, and PDAs. This is a clear warning that it is not only
desktop computers that are in danger in the future. Mobile devices have not been very vulnerable
lately because their embedded computers have traditionally been, according to the director of IBM's
Security Intelligence, David Mackey, locked down and read only, but as communication and
interactivity with those devices becomes functional for users, there will be more of a chance to
be able to hijack communications or even insert code in those embedded computers.
In order to protect computers, it is important to spread awareness. It is important to look at the
role of the user and create policies for what the computer is used for and who it is used by.
Management must be ordered through IDs, policies, and device requirements, which many
companies are not doing. As more and more devices are obtaining computer chips or connecting
to the internet or systems, more security measures must be put into place to protect from the
ongoing threat of computer viruses and other malicious software. The threat will continue to
grow and evolve, and will not go away.
Criticism:
This source promotes the reality that devices are becoming far more advanced and connectivity
is the way of the future. We already see this effect happening now with cars and other devices
that receive signals from satellites for simple things like listening to radio stations. This has only
begun in the past few years and will continue to grow more advanced. How long could it be until
common household items will be connected to each other and the Internet? Perhaps we may see a
toaster with the ability to check the ideal toasting time for a type of bread by searching the
internet. One device that has become a reality is Microsoft's new Xbox One video gaming
console, which uses a camera to observe the player, and is connected to the internet. Rumor
states that Microsoft may be able to use this video feed to inspect the room of the player and give
them advertisements based on what they might need. This connectivity and possible vulnerability
requires the advancement of security.
Mobile devices may be limited to read-only files for the time being as stated in the article, yet
there is a goldmine of data that can still be intercepted from them. The degree of value obtained
from the device depends on what the user is doing. It is very common for cell phone users to
check their email from their phone. Emails often contain information that could be very
important, such as password information or addresses from online shopping receipts, or perhaps an
intercepting viewer could use even the name of the recipient or sender. Mobile devices should be
receiving more security than they currently are to defend against attackers. Just because
malicious code may not be able to take control of the phone or deny certain functions doesn't
mean that they should be seen as not needing security measures. It is possible to install anti-virus
software on mobile devices, yet it may not be long until wireless service providers install the
software on devices before purchase. The threat to data is not known by a large majority of the
public. Many people know that they should have anti-virus software on their computer, yet most
of them do not know what it does or how to use it. This lack of education is the reason that
malicious code is such a problem. If connectivity is going to expand, the awareness of data
security and virus protection must be promoted to consumers so they have the ability to defend
against it.
Countermeasures
https://sites.google.com/site/ictcomputervirus/home/countermeasures-of-preventive-computervirus
This source goes into detail on a number of countermeasures to help prevent and combat
computer viruses. One of the countermeasures listed is the use of antivirus software. Antivirus
software is widely known and used as a first line of defense against viruses and malicious
software. Antivirus software is used because it can detect and remove malware from
executable files, preventing it from even infecting the computer to begin with. One method of
antivirus software is to analyze a computer's memory while using a particular online database to
search for specific traces of any form of malware. This is the most commonly used method for
antivirus software and while it may work, it is at a disadvantage because the online database
must know what to search for in the memory, making this method particularly weak against new
forms of malware.
Another method of antivirus software is to use a heuristic algorithm to search for any
type of common and suspicious behavior of viruses. This method is ideal because it is able to
detect malware that has not already been discovered and had its signature updated into the online
database of antivirus software. Some antivirus software has the ability of on-the-fly scanning,
which may look into messages, emails or downloaded files to search for traces of malware. It is
very important to keep antivirus software updated so it has the ability to fight against the latest
forms of malware.
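
The two detection methods described above, as an added example that is not part of the original paper or the source it reviews: a signature scan misses a re-encoded copy of a known sample, while a behaviour score still flags it. All sample bytes, behaviour traces, action names, weights and the threshold are constructed assumptions.

```python
"""Signature scanning vs. heuristic scoring on constructed, harmless samples."""
from dataclasses import dataclass, field

# Signature database: byte patterns from already-analysed samples.
# Names and patterns are constructed for this example.
SIGNATURES = {
    "Demo.KnownA": b"DEMO-MARKER-ALPHA",
    "Demo.KnownB": b"DEMO-MARKER-BRAVO",
}

# Heuristic rules: a weight per observed action. Action names, weights and
# the threshold are assumptions, not taken from any real product.
BEHAVIOUR_WEIGHTS = {
    "write_to_executable": 40,
    "write_boot_sector": 50,
    "disable_antivirus": 40,
    "mass_email_send": 30,
    "read_address_book": 10,
}
SUSPICIOUS_THRESHOLD = 60


@dataclass
class Sample:
    name: str
    content: bytes                               # file bytes (constructed)
    actions: list = field(default_factory=list)  # observed behaviour (constructed)


def signature_scan(content: bytes):
    """Return the name of the first signature found in content, else None."""
    for name, pattern in SIGNATURES.items():
        if pattern in content:
            return name
    return None


def heuristic_score(actions) -> int:
    """Sum the weights of the distinct actions; unknown actions score 0."""
    return sum(BEHAVIOUR_WEIGHTS.get(a, 0) for a in set(actions))


def scan(sample: Sample) -> dict:
    """Use the signature verdict first, then fall back to the behaviour score."""
    sig = signature_scan(sample.content)
    score = heuristic_score(sample.actions)
    if sig:
        verdict = "known:" + sig
    elif score >= SUSPICIOUS_THRESHOLD:
        verdict = "suspicious"
    else:
        verdict = "clean"
    return {"signature": sig, "score": score, "verdict": verdict}


_BODY = b"constructed demo file DEMO-MARKER-ALPHA end"
# A sample whose pattern is already in the database.
KNOWN = Sample("known.bin", _BODY, ["write_to_executable", "mass_email_send"])
# Same kind of behaviour, but the bytes are re-encoded, so the stored
# pattern no longer appears anywhere in the file.
VARIANT = Sample("variant.bin", bytes(b ^ 0x5A for b in _BODY),
                 ["read_address_book", "mass_email_send", "write_to_executable"])
# A benign mail client: some weighted actions, but below the threshold.
MAILER = Sample("mailer.bin", b"constructed benign mail client",
                ["read_address_book", "mass_email_send", "mass_email_send"])

if __name__ == "__main__":
    for s in (KNOWN, VARIANT, MAILER):
        print(s.name, scan(s))
```

The threshold sets the trade-off: lowering it to 40 would also flag the benign mail client.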
Since antivirus software is not always able to completely defend against malware, it is
ideal to regularly create backup data of your computer. Backing up data to a CD or other form of
optical storage prevents any form of virus from being brought back after reinstalling backup data
so long as the virus was not on the machine during the time of the backup. However, using
removable media to store backup data such as a USB or external hard drive may not always work
because there are some viruses that are designed to target this data, causing the backup data to
also reinstall the virus. As a last resort to recover from a virus, it is possible to reinstall the
operating system from CDs. User data can be restored by taking the computer's hard drive
out and using another computer to restore it with its operating system, yet this is dangerous
because this other machine may become infected by the virus. Reinstalling the operating system
is a guaranteed way of removing a computer virus; however, precautions must be taken when
opening restored executable files, as the virus may be in the restored files.
Criticism:
This source refers to anti-virus software as a first line of defense against computer viruses
and malicious software; and it is exactly that. The public only knows that it is recommended to
have some form of anti-virus software on their computers. They may occasionally conduct a
virus scan using the software or maybe they aren't aware of the need to scan and think that just
having the anti-virus installed on their computer is enough to defend themselves. The threat of
malware is too real for the arrogance of computer consumers. Anti-virus companies must force
their hand to the consumer and promote the defense of the machine. Awareness of cyber threats
is the absolute greatest defense against them. Another problem with anti-virus software is that
most people find it to be rather annoying. When the software automatically updates itself, it tends
to slow down the machine to the annoyance of the user. This problem can also be resolved by
spreading the awareness of how anti-virus software works and why it is important. If the user is
reminded of the importance of the anti-virus, they may be more likely to personally start the
update at a convenient time, such as during nighttime hours. These updates must be maintained
often because of the need to inform the software of any new threats to search for. As stated in the
article, anti-virus software can only detect and eliminate malicious code that it already knows
about. For this reason, perhaps the heuristic algorithm should be more widespread to increase
security, as it is better at protecting against malware. The ability to spot undiscovered malware
just by observing suspicious behavior is far more beneficial than relying on anti-virus software to
be updated and to know about the code to look for.
Data backup also has the same problem where the public generally doesn't know about
what it is for or how to even perform the action. Many stores will offer to back up computer data
at the time of purchase for an additional fee. This is unnecessary and should be performed by the
owner of the computer to show how the data backup works. A frequent backing up of a computer
should be done because it is always best to be prepared and expect the unexpected. Restoring a
computer to its backup data should be an absolute last resort and would most likely be
unnecessary if the proper precautions are taken and the user is aware of the steps to protect their
machine from viruses and other malicious software.

Conclusion
Through our research we have been able to determine what role viruses have played in
the past to compromise network and computer security and have been able to come to a few
conclusions regarding the problems viruses cause in our world today, as well as the significance
they will have in the future of network and computer security. Our literature review showed us
that the first virus was developed in 1983, though the theory of self-replicating programs dates
back to the 1940s. Since then they have continued to develop in complexity and effectiveness so
that they are still a major threat to computer and network security in our world today. We found
that countermeasures such as anti-virus software were effective against known viruses that used 2
or fewer methods of infiltrating computers. These forms of software relied on online registers
that tracked virus signatures to know what needed to be cleaned out. The alternative method
of countering viruses currently is the use of heuristic algorithms, which monitor programs for
suspicious behavior that is typical of known viruses to determine if the program is a virus, and so
can identify new viruses through those viruses' methods of infiltration. The weakness that has
become apparent is that these common forms of anti-virus software are vulnerable to new types
of viruses and to viruses that utilize multiple forms of infiltration, which makes it very difficult to
continuously counter these viruses. With the advent of more and more technology that is
connected to the internet, we have come to the conclusion that viruses will continue to play a
significant role in the future and that this is an issue that has no clear and easy solution. In the
future, viruses will begin to attack cars, phones and other forms of technology that were never
connected to the internet before. This will require the development of technology-specific
countermeasures for these new and developing internet-enabled technologies. Ultimately, it is
clear that people interested in the security of computers and other forms of technology will
continue to need to anticipate the significant threat that viruses present.
