A Technical Practice of Opposing Virus with Software Self-defense

碩士 === 中國文化大學 === 資訊管理研究所 === 93 === With the fast developing of internet, computer viruses are easier to use all kinds of medium to spread, such as E-mail, MSN. Therefore, today the anti-virus software al-ready becomes the necessary equipment of computer. But the Scanner presently used by the anti-...

Full description

Bibliographic Details
Main Authors: Chih-Chung Lin, 林志宗
Other Authors: Wen-Gong Shieh
Format: Others
Language:zh-TW
Published: 2005
Online Access:http://ndltd.ncl.edu.tw/handle/65866740577973017684
Description
Summary:碩士 === 中國文化大學 === 資訊管理研究所 === 93 === With the fast developing of internet, computer viruses are easier to use all kinds of medium to spread, such as E-mail, MSN. Therefore, today the anti-virus software al-ready becomes the necessary equipment of computer. But the Scanner presently used by the anti-virus software still can’t immediately discover the new viruses which just start to spread without the new virus definition files. While the anti-virus software still waits for new virus definition files, the new viruses may already stealthily propagate them-selves quickly via the network, infect tens of thousands of computers, and make many damages – the Blaster virus in 2003, the Sasser virus in 2004 for example. Deng, Shieh, Wang, Tung, and Yen (2003) proposed a software self-defense scheme. The scheme uses two files and let them check each other. They not only can detect virus infection but also avoid being destroyed. The above-mentioned authors also suggested using the concept of mutation virus in the self-defense scheme to reduce the opportunities of being destroyed by viruses. However, in their paper, they did not illustrate how to practice, and ignored the integration and information hiding problems between the two files. This research refines the above-mentioned two-file scheme to integrate the muta-tion technique of virus, hide the relationship between the two files, and actually design and practice the software self-defense model which can do self-mutate.