Computer viruses cannot spread by infecting pure data; pure data files are not executed. However, some data, such as files with spreadsheet input or text files for editing, may be interpreted by application programs. Under these circumstances, the data files are “executed” and may spread a virus. Data files may also contain “hidden” code that is executed when the file is used by an application, and this too may be infected.
Technically speaking, however, pure data itself cannot be infected by computer viruses. The first definition of a computer virus was provided by Dr. Frederic B. Cohen who defined a virus as “A computer program able to infect other programs by modifying them to include a possibly evolved version of itself.” Although Dr. Cohen and others have attempted formal definitions of computer viruses, none have gained widespread acceptance or use.
Dr. Cohen’s definition includes any program capable of self-replication. Thus, by his definition, programs such as compilers and editors would be classed as viruses. The main difficulty when trying to give the exact definition of a virus is that all the unique features of a virus may be found in other non-virus programs, or there exist some viruses, which are free from those features.
I will now define a computer virus in a slightly more detailed manner that will show us the characteristics a virus should have. A computer virus should have at least the following four elements. It should O Be a set of computer instructions O Be deliberately created O Propagate using host programs, and O Do undesirable things. I will now examine each of these elements separately.
The first element states that a computer virus is a set of instructions, which in turn implies that a computer virus is a software program. While computer viruses are usually software programs, they don’t have to be. For example, consider a simple modem link that allows you to copy, delete, move and possibly run programs on other computer systems. A virus in this case could just as well be a communication script that propagates by copying itself onto different systems and causes damage. The second point is that every virus is deliberately created by a programmer who actually sat don’t and wrote the entire code for the virus. Viruses are not programming errors or hardware malfunctions.
The third is that computer viruses spread. This means that viruses have the ability to replicate and spread to different areas via diskettes, LANs and WANs, the Internet, telecommunication links and any other computer transportable media. Computer viruses normally find an un-infected program and attach a copy of themselves in order to replicate and spread through different systems. The fourth characteristic is the one that most people are aware of.
The computer virus does unwanted things like deleting files, formatting disks, changing the keyboard input, eating up CPU time and slowing down the system. Even the abovementioned characteristics are not final to all viruses. However, as mentioned earlier, the main feature of computer viruses is their capability of incorporating into different objects of an operating system. But again, even this may not hold true under special circumstances.
For example MS-DOS has all the necessary means to arbitrarily install itself to non-DOS disks. To do so, it is sufficient to create an AUTO EXEC. BAT file containing the following lines: SYS A: COPY . SYS B COPY …
on a DOS boot floppy. If we modify DOS as described above, it will become a virus in its own right from the point of view of any existing definition of a computer virus. Taking this point a step farther, sometimes it is rather difficult to tell wether a file / program is a virus or not. Notable examples of this would be KOH virus and ALREADY.
COM program. I will now try to define other malicious software programs that are sometimes thought of as viruses. Trojan Horses and Bombs Trojan Horses and Bombs are similar to viruses in all respects but one. They do not replicate. While viruses modify other programs to include a copy of the viral code in order to spread further, Trojan Horses and Bombs do not. Trojan Horses, like the mythical Greek “Trojan Horse”, normally masquerade as some other system command or popular r new interesting program such as a game.
Therefore, Trojans are programs that perform some unwanted action while pretending to be useful. A special type is the backdoor Trojan, which does not do anything overtly destructive, but sets the computer open for remote control and unauthorized access. Some of the commercially available remote administration tools like SATAN can be used as Trojans in certain settings. Bombs which are also known as Time Bombs are similar to Trojan Horses in the sense that they too cause damage. The basic difference is that while Trojan Horses cause the damage the moment they are run, Bombs will cause damage only on a certain logical trigger. The trigger for a Bomb could by any condition which can be logically tested.
Worms A Worm is similar to computer viruses in that it, too, replicates. However, it replicates only itself and does not attach to other host programs like a virus does. Although, one in some cases may argue that a worm’s host is the machine it has infected. In the beginning worms were considered to be mainly a mainframe problem. This changed after the Internet became widespread; worms quickly got accustomed to the windows operating system and started.