What is the role of compression in the operation of a virus?
19.2
What is the role of encryption in the operation of a virus?
19.3
What are typical phases of operation of a virus or worm?
19.4
In general terms, how does a worm propagate?
19.5
What is a digital immune system?
19.6
How does behavior-blocking software work?
19.7
What is a DDoS?
Problems
19.1
There is a flaw in the virus program of Figure 19.1. What is it?
19.2
The question arises as to whether it is possible to develop a program that can analyze a piece of software to determine if it is a virus. Consider that we have a program D that is supposed to be able to do that. That is, for any program P, if we run D(P), the result returned is TRUE (P is a virus) or FALSE (P is not a virus). Now consider the following program:
Program CV := { . . . main-program := {if D(CV) then goto next: else infect-executable; } next: }
In the preceding program, infect-executable is a module that scans memory for executable programs and replicates itself in those programs. Determine if D can correctly decide whether CV is a virus.