| [accepted revision] | [accepted revision] |
Content deleted Content added
Reverting edit(s) by 2405:201:D018:A045:193E:61A2:C095:B916 (talk) to rev. 1298181618 by Bruce1ee: non-constructive (RW 16.1) |
Citation bot (talk | contribs) Added bibcode. Removed URL that duplicated identifier. Removed access-date with no URL. Removed parameters. | Use this bot. Report bugs. | Suggested by Headbomb | Linked from Wikipedia:WikiProject_Academic_Journals/Journals_cited_by_Wikipedia/Sandbox | #UCB_webform_linked 496/1032 |
||
Line 4:
A '''computer virus'''<ref name=Virus.NYT2014>{{cite news | newspaper=[[The New York Times]] | url=https://www.nytimes.com/times-insider/2014/08/06/1988-the-internet-comes-down-with-a-virus | title=The Internet comes down with a virus | date=August 6, 2014 | access-date=September 3, 2020 | archive-date=April 11, 2020 | archive-url=https://web.archive.org/web/20200411104243/https://www.nytimes.com/times-insider/2014/08/06/1988-the-internet-comes-down-with-a-virus/ | url-status=live }}</ref> is a type of [[malware]] that, when executed, replicates itself by modifying other [[computer programs]] and [[Code injection|inserting]] its own [[Computer language|code]] into those programs.<ref>{{bulleted list |{{cite book | last=Stallings |first=William |title=Computer security : principles and practice | publisher=Pearson |___location=Boston |year=2012 |isbn=978-0-13-277506-9 |page=182}} |{{cite web |title=Worm vs. Virus: What's the Difference and Does It Matter? |url=https://www.avast.com/c-worm-vs-virus |website=Avast Academy |publisher=Avast Software s.r.o. |access-date=9 March 2021 |archive-date=15 March 2021 |archive-url=https://web.archive.org/web/20210315052312/https://www.avast.com/c-worm-vs-virus |url-status=live }} |}}</ref><ref>{{Cite journal |last1=Piqueira |first1=Jose R.C. |last2=de Vasconcelos |first2=Adolfo A. |last3=Gabriel |first3=Carlos E.C.J. |last4=Araujo |first4=Vanessa O. |date=2008 |title=Dynamic models for computer viruses |url=https://linkinghub.elsevier.com/retrieve/pii/S0167404808000412 |journal=Computers & Security |language=en |volume=27 |issue=7–8 |pages=355–359 |doi=10.1016/j.cose.2008.07.006 |access-date=2022-10-30 |archive-date=2022-12-28 |archive-url=https://web.archive.org/web/20221228052348/https://linkinghub.elsevier.com/retrieve/pii/S0167404808000412 |url-status=live |issn = 0167-4048 |url-access=subscription }}</ref> If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological [[virus]]es.<ref>{{Bulleted list |{{cite web | url=http://vx.netlux.org/lib/aas10.html | author=Alan Solomon |title=All About Viruses | website= VX Heavens |date=2011-06-14 |access-date=2014-07-17 | url-status=dead |archive-url=https://web.archive.org/web/20120117091338/http://vx.netlux.org/lib/aas10.html | archive-date=2012-01-17 }} |{{cite book | author=Aycock, John |title=Computer Viruses and Malware | url=https://archive.org/details/computervirusesm00ayco | url-access=limited |publisher=Springer |year=2006 |isbn=978-0-387-30236-2 | page=[https://archive.org/details/computervirusesm00ayco/page/n27 14]}} |}}</ref>
Computer viruses generally require a [[Computer program|host program]].<ref name="Avast">{{cite web |title=Worm vs. Virus: What's the Difference and Does It Matter? |url=https://www.avast.com/c-worm-vs-virus |website=Avast Academy |publisher=Avast Software s.r.o. |access-date=9 March 2021 |archive-date=15 March 2021 |archive-url=https://web.archive.org/web/20210315052312/https://www.avast.com/c-worm-vs-virus |url-status=live }}</ref> The virus writes its own code into the host program. When the program runs, the written virus program is executed first, causing infection and damage. By contrast, a [[computer worm]] does not need a host program, as it is an independent program or code chunk. Therefore, it is not restricted by the [[Computer program|host program]], but can run independently and actively carry out attacks.<ref>{{Cite book|last=Yeo, Sang-Soo.|title=Computer science and its applications : CSA 2012, Jeju, Korea, 22-25.11.2012|date=2012|publisher=Springer|isbn=978-94-007-5699-1|pages=515|oclc=897634290}}</ref><ref>{{Cite journal|last1=Yu|first1=Wei|last2=Zhang|first2=Nan|last3=Fu|first3=Xinwen|last4=Zhao|first4=Wei|date=October 2010|title=Self-Disciplinary Worms and Countermeasures: Modeling and Analysis|journal=IEEE Transactions on Parallel and Distributed Systems|volume=21|issue=10|pages=1501–1514|doi=10.1109/tpds.2009.161|bibcode=2010ITPDS..21.1501Y |s2cid=2242419|issn=1045-9219}}</ref>
Virus writers use [[social engineering (security)|social engineering]] [[deception]]s and exploit detailed knowledge of [[vulnerability (computing)|security vulnerabilities]] to initially infect systems and to spread the virus. Viruses use complex anti-detection/stealth strategies to evade [[antivirus software]].<ref>{{Bulleted list |{{cite book | author=Filiol, Eric | title=Computer viruses: from theory to applications | url=https://archive.org/details/computervirusesf00fili_399|url-access=limited | publisher=Springer |year=2005 |isbn=978-2-287-23939-7 | page=[https://archive.org/details/computervirusesf00fili_399/page/n28 8]}} |{{cite book | author=Harley, David | title=Viruses Revealed | url=https://archive.org/details/virusesrevealed00harl | url-access=registration |publisher=McGraw-Hill |year=2001 | isbn=0-07-222818-0 |page=[https://archive.org/details/virusesrevealed00harl/page/6 6]|display-authors=etal}} |{{cite book | author=Ludwig, Mark A. | title=The Little Black Book of Computer Viruses: Volume 1, The Basic Technologies | year=1996 |isbn=0-929408-02-0 |pages=16–17| publisher=American Eagle Publications }} |{{cite book | author=Aycock, John | title=Computer Viruses and Malware |publisher=Springer |year=2006 |isbn=978-0-387-30236-2 | page=[https://archive.org/details/computervirusesm00ayco/page/n40 27] | url=https://archive.org/details/computervirusesm00ayco | url-access=limited}} |}}</ref> Motives for creating viruses can include seeking [[income|profit]] (e.g., with [[ransomware]]), desire to send a political message, personal amusement, to demonstrate that a vulnerability exists in software, for [[sabotage]] and [[Denial-of-service attack|denial of service]], or simply because they wish to explore [[cybersecurity]] issues, [[artificial life]] and [[evolutionary algorithm]]s.<ref>{{cite book | editor=Bell, David J. | display-editors=et al | chapter=Virus |title=Cyberculture: The Key Concepts |publisher=Routledge | year=2004 |isbn=9780203647059 | page=[https://archive.org/details/cyberculturekeyc0000unse/page/154 154] | chapter-url=https://books.google.com/books?id=5MFWZK0CSOQC&pg=PA154 | url=https://archive.org/details/cyberculturekeyc0000unse/page/154}}</ref>
Line 69:
== Detection ==
To avoid detection by users, some viruses employ different kinds of [[deception]]. Some old viruses, especially on the [[DOS]] platform, make sure that the "last modified" date of a host file stays the same when the file is infected by the virus. This approach does not fool antivirus [[software]], however, especially those which maintain and date [[cyclic redundancy check]]s on file changes.<ref>{{cite book|editor=Béla G. Lipták |title=Instrument engineers' handbook|date=2002|publisher=CRC Press |___location=Boca Raton|isbn=9781439863442|pages=874|edition=3rd|url=https://books.google.com/books?id=KPjLAyA7HgoC&q=cyclic+redundancy+checks+on+file+changes+virus+guards&pg=PA205|access-date=September 4, 2015}}</ref> Some viruses can infect files without increasing their sizes or damaging the files. They accomplish this by overwriting unused areas of executable files. These are called ''cavity viruses''. For example, the [[CIH virus]], or Chernobyl Virus, infects [[Portable Executable]] files. Because those files have many empty gaps, the virus, which was 1 [[kilobyte|KB]] in length, did not add to the size of the file.<ref>{{cite web|title=Computer Virus Strategies and Detection Methods|url=http://www.emis.de/journals/IJOPCM/files/IJOPCM(vol.1.2.3.S.8).pdf|access-date=2 September 2008|url-status=live|archive-url=https://web.archive.org/web/20131023063830/http://www.emis.de/journals/IJOPCM/files/IJOPCM(vol.1.2.3.S.8).pdf|archive-date=23 October 2013}}</ref> Some viruses try to avoid detection by killing the tasks associated with antivirus software before it can detect them (for example, [[Conficker#Self-defense|Conficker]]). A Virus may also hide its presence using a [[rootkit]] by not showing itself on the list of system [[Process (computing)|processes]] or by disguising itself within a trusted process.<ref>{{Cite web |date=2022-03-09 |title=What is Rootkit – Definition and Explanation |url=https://www.kaspersky.com/resource-center/definitions/what-is-rootkit |access-date=2022-06-26 |website=www.kaspersky.com |language=en}}</ref> In the 2010s, as computers and operating systems grow larger and more complex, old hiding techniques need to be updated or replaced. Defending a computer against viruses may demand that a file system migrate towards detailed and explicit permission for every kind of file access.{{citation needed|date=January 2019}} In addition, only a small fraction of known viruses actually cause real incidents, primarily because many viruses remain below the theoretical epidemic threshold.<ref>{{Cite book
=== Read request intercepts ===
| |||