Lab 2
Lawrence Joy
Pengda Jin
Jing Shang
Hanish Mandru
1. What are the various types of malware? How do worms differ from viruses? Do Trojan horses carry viruses or worms?
a. The various types of malware are viruses, worms, Trojan horses, polymorphic threats, virus and worm hoaxes, back door or trap door, denialofservice and distributed denialofservice, and mail bomb.
b. A virus must be executed such as opening an infected email attachment while a worm can be initiated with or without the user downloading or executing the file. c. A Trojan horse carries neither a virus or worm. 2. Why does polymorphism cause greater concern than traditional malware? How does it affect detection? A polymorphic virus is a complicated computer virus that affects data types and functions. It is a selfencrypted virus designed to avoid detection by a scanner.
Upon infection, the polymorphic virus duplicates itself by creating usable, albeit slightly modified, copies of itself.
Polymorphism, in computing terms, means that a single definition can be used with varying amounts of data. In order for scanners to detect this type of virus, bruteforce programs must be written to combat and detect the polymorphic virus with novel variant configurations. a polymorphic virus might have a virus decryption routine
(VDR) and an encrypted virus program body (EVB). When an infected application launches, the VDR decrypts the encrypted virus body back to its original form so the virus can perform its intended function. Once executed, the virus is reencrypted and added to another vulnerable host application. Because the virus body is not altered, it provides a kind of complex signature that can be detected by sophisticated antivirus programs. 3. What is the most common violation of intellectual property? How does an organization protect against it? What agencies fight it?
The most common violation of intellectual property is theft, which is illegal taking of
Pengda Jin
Jing Shang
Hanish Mandru
1. What are the various types of malware? How do worms differ from viruses? Do Trojan horses carry viruses or worms?
a. The various types of malware are viruses, worms, Trojan horses, polymorphic threats, virus and worm hoaxes, back door or trap door, denialofservice and distributed denialofservice, and mail bomb.
b. A virus must be executed such as opening an infected email attachment while a worm can be initiated with or without the user downloading or executing the file. c. A Trojan horse carries neither a virus or worm. 2. Why does polymorphism cause greater concern than traditional malware? How does it affect detection? A polymorphic virus is a complicated computer virus that affects data types and functions. It is a selfencrypted virus designed to avoid detection by a scanner.
Upon infection, the polymorphic virus duplicates itself by creating usable, albeit slightly modified, copies of itself.
Polymorphism, in computing terms, means that a single definition can be used with varying amounts of data. In order for scanners to detect this type of virus, bruteforce programs must be written to combat and detect the polymorphic virus with novel variant configurations. a polymorphic virus might have a virus decryption routine
(VDR) and an encrypted virus program body (EVB). When an infected application launches, the VDR decrypts the encrypted virus body back to its original form so the virus can perform its intended function. Once executed, the virus is reencrypted and added to another vulnerable host application. Because the virus body is not altered, it provides a kind of complex signature that can be detected by sophisticated antivirus programs. 3. What is the most common violation of intellectual property? How does an organization protect against it? What agencies fight it?
The most common violation of intellectual property is theft, which is illegal taking of