Seminar on IT Ac

Presentation on:

VIRUS
DISSEMINATION

INTRODUCTION
Cyber crime is criminal activity done using
computers and the Internet. This includes
anything from downloading illegal music files
to stealing millions of dollars from online
bank accounts. Cybercrime also includes
non-monetary offenses, such as creating and
distributing viruses on other computers or
posting confidential business information on
the Internet.
3

TYPES OF CYBER CRIME

HACKING
DENIAL OF SERVICE ATTACK
VIRUS DISSEMINATION
CYBER STALKING
SOFTWARE PIRACY
PORNOGRAPHY
PHISHING
SPOOFING
CYBER DEFAMATION
etc.

VIRUS DISSEMINATION
Malicious softwares that attach itself to other
software.. (virus, worms, Trojan Horse, Time bomb,
Logic Bomb, Rabbit and Bacterium are the malicious
software's)
A true virus is capable of self replication on a
machine. It may spread between files or disks, but
the defining character is that it can recreate itself on
its own without traveling to a new host.
Hence, virus dissemination is act of spreading
malicious software which affect available files on the
computer & spread over networks using internet.

Typical actions of virus

Erase files
Scramble data on hard disk
Cause erratic screen behaviour
Halt the PC
Just replicate itself
Loading data on internet

CHARACTERISTICS
Size - The sizes of the program code required for computer
viruses are very small.
Versatile - Computer viruses have appeared with the ability
to generically attack a wide variety of applications.
Propagation - Once a computer virus has infected a program,
while this program is running, the virus is able to spread to
other programs and files accessible to the computer system.
Effectiveness - Many of the computer viruses have
catastrophic effects on their victims, including total loss of
data, programs, and even the operating systems failure.
Functionality - A wide variety of functions has been
demonstrated in virus programs. Some virus programs
merely spread themselves to applications without attacking
data files, program functions, or operating system activities
while some attack system files.
7

CASE STUDY
NAME: MELISSA
TYPE:
MACRO VIRUS
AUTHOR: DAVID SMITH
OPERATING SYSTEMS AFFECTED:
WINDOWS XP, 2000
REPORTED COST: $1.1 BILLION

CASE STUDY
Melissa is a fast-spreadingmacrovirus that
is distributed as an e-mail attachment that,
when opened, disables a number of
safeguards in Word 97 or Word 2000, and,
if the user has the Microsoft Outlook e-mail
program, causes the virus to be resent to
the first 50 people in each of the user's
address books. While it does not destroy
files or other resources, Melissa has the
potential to disable corporate and other
mail servers as the ripple of e-mail
9

CASE STUDY
WORKING:
Melissa arrives in an email, with the subject line
"Important Message From <email address of the account
from which the virus was sent>". The "sender" will be the
actual email address that it came from. The body of the
message is "Here is that document you asked for ... don't
show anyone else;-)".
When an infected document is opened, Melissa checks if
theMicrosoft Office registry keyhas a subdirectory
named "Melissa?" exists with "... by Kwyjibo" set as its
value. If the value has been set, the virus will not perform
the mailing routine. If the value is not set, the virus mails
itself to fifty addresses in the user's Address Book.
10

CASE STUDY
SOURCE CODE:
seg000:00000000 seg000 segment byte public 'CODE' use32
seg000:00000000 assume cs:seg000
seg000:00000000 assume es:nothing, ss:nothing, ds:nothing, fs:nothing,
gs:nothing
seg000:00000000 47 45 54 20 2F 64+aGetDefault_ida db 'GET /default.ida?
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN'
seg000:00000000 65 66 61 75 6C 74+ db
'NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNN'
seg000:00000000 2E 69 64 61 3F 4E+ db
'NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNN'
seg000:00000000 4E 4E 4E 4E 4E 4E+ db
'NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNN'
seg000:00000000 4E 4E 4E 4E 4E 4E+ db 'N
%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u685'
seg000:00000000 4E 4E 4E 4E 4E 4E+ db
'8%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53f'
11

CASE STUDY
EFFECT:
While the virus has no deliberately
malicious payload, it did place a burden on
email servers, making it a Denial of
Serviceattack. Also the "damages" were
mostly lost productivity due to companies
closing down their servers. Many people in
the IT industry said that the situation could
have been much worse, as all the virus
really did was email itself.
12

CASE STUDY
AVOIDANCE:
Avoiding Melissa does not mean you can't
read your e-mail - only that you have to
screen your notes and be careful about what
attachments you open.
If you get an e-mail note with the subject,
"Important Message from [the name of
someone]," and it has an e-mail attachment
(usually a 40 kilobyte document named
LIST.DOC), simply DO NOT OPEN (for
example, do not click on) the attachment.
13

CASE STUDY
PROSECUTION:
On December 10, 1999 Smith pleaded
guilty and was sentenced to 10 years,
serving 20 months, and was fined US
$5,000. The arrest was the result of a
collaborative effort involving (amongst
others) theFBI, theNew Jersey State
Police, Monmouth Internet and a
Swedish computer scientist.

14

SOLUTION
To protect yourself you need to be
Proactive about Security issues.
Being reactive wont solve anything; in
matter of fact it can make the problem much
more complex to solve, and the situation
much worse, resulting in a complete
Nightmare!!
Best measures are the preventative ones.
You need to basically to do four steps to keep
your computer and your data secure:
15

SOLUTION
STEPS:
1. Get the latest Anti-Virus Software.
2. Make sure you have the latest security
patches and hot fixes using Windows Update.
3. Use a Host-Based Firewall.
4. BACKUP your Important Files.
16

LEGISLATION

LAWS:
Section 43, 66 of IT Act,2000 and section 426 of IPC
consists law against virus dissemination.

PUNISHMENT:
Imprisonment up to three years, or/and with fine up
to 2 lakh rupees.

17

CONCLUSION
Cyber crime poses a big threat to both
national and international security. Every
country in the world needs to have
establish laws to protect itself from cyber
crime. However, the establishment of these
laws alone is not enough, educating the
masses against cyber crime and strict
enforcement of these laws is also
necessary.
18

REFRENCES
WEBSITES:
http://cybercellraj.com
http://cybercellmumbai.gov.in
http://cyberlawsindia.net
BOOKS:
Peter Szor, The Art of Computer Virus and
Defence, Harlow, England Addison Wesely
Professional, 2005.
Nicholas Weaver, Vern Paxson, Stuart Staniford,
and Robert Cunnigham, A Taxonomy of Computer
19
Worms

THANK YOU

Submitted to Mr. Ranjeet Pandey

Dr. K.K. Agarwal

Submitted by Nidhish Bhatia

IV year, B.Tech(IT)

20