The purpose of this dissertation is to develop a system to detect and contain the threat of computer viruses. A definition for a computer virus is given and the characteristics of several successful virus attacks are reviewed. Theory and implementation details of various protection mechanisms are discussed. Once the background of the computer virus threat has been established, a system that detects the presence of a virus is presented. The system is capable of taking its own automatic countermeasures. The security system is aposteriori because it detects viruses only after an infection has occurred. A method to immunize the security system from viral infection is also presented. The aposteriori security system is intended to complement the existing security access controls of a computer system.
Index Terms
- An aposteriori computer security system to identify computer viruses