virtual computers
-
now , i'm thinking about developing a simple anti-virus program as a graduation project.So anyone know where to find articles that would help me .. about Virtual computers for example. all i know about virtual computer is that i isolate a part of the memory & create a virtual computer & test the file on it .. if it destroyed the computer ,then it's a virus. aslo what i should read about or know to such idea ? thanks plextoR plextoR
-
now , i'm thinking about developing a simple anti-virus program as a graduation project.So anyone know where to find articles that would help me .. about Virtual computers for example. all i know about virtual computer is that i isolate a part of the memory & create a virtual computer & test the file on it .. if it destroyed the computer ,then it's a virus. aslo what i should read about or know to such idea ? thanks plextoR plextoR
hmm, I think you want to write an emulator. however, this is pretty complex - also most serious viruses use self modify code and encrypted payloads.... I would suggest reading books on how to write a virus first, then think about how to catch them
"When the only tool you have is a hammer, a sore thumb you will have."
-
hmm, I think you want to write an emulator. however, this is pretty complex - also most serious viruses use self modify code and encrypted payloads.... I would suggest reading books on how to write a virus first, then think about how to catch them
"When the only tool you have is a hammer, a sore thumb you will have."
He could use something like VMWare. I use it all the time to test installations and to keep fresh demos of software I have developed (so it does not get corrupted by other software). Of course, in order to run a virtual computer, you have to set aside enough RAM to run the computer, and startup takes a while. Just curious...why write a virus checker like this? Many viruses don't go off until a certain date, so they would not affect the virtual machine in any way until the correct date. Others only corrupt machines randomly. Still others don't corrupt the machine, but use the machine as a launching point in order to spread. With a virtual machine, you would have just let this virus onto your network. This reminds of of Turing Machine theory and complexity theory. It is provable that no program running in finite time can determine if another, arbitrary program will stop executing. In other words, it is awfully difficult to construct an algorithm that can detect a virus automatically.
-
He could use something like VMWare. I use it all the time to test installations and to keep fresh demos of software I have developed (so it does not get corrupted by other software). Of course, in order to run a virtual computer, you have to set aside enough RAM to run the computer, and startup takes a while. Just curious...why write a virus checker like this? Many viruses don't go off until a certain date, so they would not affect the virtual machine in any way until the correct date. Others only corrupt machines randomly. Still others don't corrupt the machine, but use the machine as a launching point in order to spread. With a virtual machine, you would have just let this virus onto your network. This reminds of of Turing Machine theory and complexity theory. It is provable that no program running in finite time can determine if another, arbitrary program will stop executing. In other words, it is awfully difficult to construct an algorithm that can detect a virus automatically.
agreed, thats why i thought a pattern recogniser would be more sensible - virus would tend to use the same code snippets that would be unlikly to be found in a standard program. on could use some baysian hack that could work out if the code 'looked' dubious.
"When the only tool you have is a hammer, a sore thumb you will have."