Accession Number:

ADA214255

Title:

Front-End Anti-Viral Detection Mechanisms Using Replicating/Self-Replicating Software

Descriptive Note:

Rept. for 19 Apr-19 Oct 1989

Corporate Author:

APPLICATION CONFIGURED COMPUTERS INC BALDWIN NY

Report Date:

1989-10-19

Pagination or Media Count:

41.0

Abstract:

The objectives of Front-End Anti-Viral Detection Mechanism Using ReplicatingSelf-Replicating Software, are threefold Research viral mechanisms, anti-viral procedures, and self-replicating software mechanisms for use as security products in MS-DOS and UNIX environments on PCs and Minis. Evaluate the applicability of said mechanisms to protect andor identify andor detect computer virus intrusion and corruption within said systems. Begin experimentation with a replicatingself-replicating software product to be used to secure SDIO operating systems, libraries, and archives. TECHNICAL PROBLEMS ATT UNIX system 5 version 3 HCL America Magnix- CSH supports job monitoring while KSH does not. The disassembler incorrectly disassembles an instruction. The use of a WORM program a self-contained self-replicating software mechanism for the WatchdogParanoia concept due to architectural limitations with regard to memory, memory addresses, and logical memory segments. Due to time and resource limitations, ACC, Inc. used a publicly known CRC-32 algorithm. WatchdogParanoia slows down an MS-DOS based PC appreciably and a UNIX machine, somewhat. Faster, optimized algorithms need to be researched. Due to the impossibility of using existing appropriate technologies for detecting a well- written WORM or Trojan Horse program, these programs were omitted from the proof of concept. Future considerations will address these type of programs directly and separately. aw

Subject Categories:

  • Computer Programming and Software

Distribution Statement:

APPROVED FOR PUBLIC RELEASE