Computer Security Basics: viruses


Definition

A computer virus is a type of malicious software (malware) that, when executed, replicates itself by modifying other computer programs and inserting its own code. Once this replication succeeds, the affected areas are said to be "infected" with the virus, which can damage software, corrupt data, or steal sensitive information.


Main Content

1. The Nature of Infection

  • Viruses require a "host" program or file to survive and spread, distinguishing them from worms, which can travel independently.
  • They remain dormant until the user performs an action that triggers the infected file, such as opening an application or running a script.

2. Propagation Mechanisms

  • Viruses spread primarily through human interaction, such as sharing infected USB drives, downloading suspicious email attachments, or installing pirated software.
  • Once inside a system, they attempt to spread to other executable files on the local drive or across a network.

3. Impact on System Integrity

  • Performance degradation: Viruses often consume CPU cycles and memory, causing the computer to slow down significantly.
  • Data sabotage: Some viruses are designed to delete files, reformat hard drives, or encrypt user data for ransom.

Working / Process

1. Attachment / Entry

  • The virus enters the system through an entry point, often disguised as a legitimate file or executable.
  • The user inadvertently executes the file, loading the virus code into the system's volatile memory (RAM).

2. Execution and Replication

  • The virus searches for other executable files (.exe, .com, or .bat files) on the storage media.
  • It injects its malicious code into these healthy files, effectively turning them into carriers for further propagation.

[Healthy File] + [Virus Code] = [Infected File]
      |               |                |
   (Host)      (Instruction)    (Replication)
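
Because infection changes the bytes of the host file, a defender can detect it by comparing executables against a known-good baseline of hashes. The following is an added example, not part of the original notes; the function names (`snapshot`, `compare`, `demo`) and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile

# Extensions the notes name as typical infection targets.
WATCHED = (".exe", ".com", ".bat")

def snapshot(root, exts=WATCHED):
    """Map each watched file under root to (sha256 hex, size in bytes)."""
    state = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(exts):
                continue
            path = os.path.join(folder, name)
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            state[os.path.relpath(path, root)] = (digest.hexdigest(), os.path.getsize(path))
    return state

def compare(baseline, current):
    """Report files whose content changed, appeared, or vanished since the baseline."""
    modified = {
        p: current[p][1] - baseline[p][1]  # size delta in bytes
        for p in baseline.keys() & current.keys()
        if baseline[p][0] != current[p][0]
    }
    return {
        "modified": modified,
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
    }

def demo():
    """Run the check on constructed sample files in a temporary directory."""
    samples = {"app.exe": b"MZ-sample", "tool.com": b"sample", "notes.txt": b"text"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        baseline = snapshot(root)
        # Constructed change: extra bytes appended to one watched file.
        with open(os.path.join(root, "app.exe"), "ab") as fh:
            fh.write(b"X" * 16)
        with open(os.path.join(root, "new.bat"), "wb") as fh:
            fh.write(b"echo sample")
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

A changed hash alone does not prove infection, since legitimate updates also modify executables; the report is a list of files to investigate, and the baseline must be stored where the monitored system cannot alter it.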

3. Activation of Payload

  • The "payload" is the specific malicious action programmed into the virus.
  • Examples include displaying annoying pop-ups, disabling security software, or deleting system files.

Advantages / Applications

Note: Viruses are inherently malicious and have no legitimate "advantages" for a user. However, they are studied in cybersecurity for the following reasons:

  • Educational research allows security professionals to develop robust antivirus engines and threat detection heuristics.
  • Ethical hacking and simulation testing help organizations identify vulnerabilities in their IT infrastructure before real-world attacks occur.
  • Understanding viral patterns assists in the development of "sandboxing" technologies, which isolate suspicious code to prevent system-wide damage.

Summary

A computer virus is a malicious self-replicating program that attaches itself to legitimate files to corrupt, steal, or damage system data. It relies on user interaction to spread and trigger its harmful payload. Important terms to remember include Host File, Payload, Malware, and Self-replication.