The Spreading of Computer Viruses

On September 23, 2011, CNET, a tech news source, posted an article about one of the most recent Trojans designed to target Mac users running OS X.  This virus came in two parts: the first, known as Trojan-Dropper:OSX/Revir.A, distracted the user and installed the second, known as BackDoor:OSX/Imuler.A, which carried out the malicious tasks.  Or, at least, it was supposed to.  Fortunately, this virus appeared to be a dud, as it did not function very well and could not receive instructions from the remote server it was meant to contact.  That being said, it is still unknown how this virus was distributed.  As with many viruses, it is likely that it was spread through spam email or malicious websites.  By mapping the spread of this virus and many others from one computer to another, an ever-expanding network of infected host computers can be drawn.

As mentioned above, viruses are commonly spread from computer to computer through spam email and malicious websites.  There are, though, other ways viruses can spread, such as malicious advertisements, scanning of randomly generated IP addresses, and physical media such as flash drives.  Malicious ads, for instance, can be particularly effective.  Two years ago, a malicious ad was displayed on the New York Times website.  Although it was quickly removed, more than a few people were affected due to the high traffic to the website.  By randomly generating IP addresses and targeting the associated machines, the Slammer worm from 2003 became one of the fastest spreading viruses in the world, doubling the number of infected machines every 8.5 seconds and infecting 90% of vulnerable machines within the first 10 minutes.  One of the most media-covered viruses in the past few years was the Conficker worm.  Although this virus turned out to be uneventful, it successfully infected the most computers since Slammer by spreading through a combination of methods including USB flash drives.

From the activity of these viruses, two main types of networks can be imagined.  The first type of network is a rather simple one, having one main node at the center with edges connecting out to many more nodes.  This example illustrates the effects of a virus that spreads from an initial source but does not further spread out, such as from a malicious website or advertisement.  The center node represents the source of the virus while the outer nodes represent infected computers.  The second type of network is similar to the first, but each successive node connects to other nodes, which will then connect to even more nodes.  This represents a virus that is capable of spreading from computer to computer, with each node representing an infected host machine.

The latter of these networks is much more complicated than the first and can also have different strengths associated with each of the edges, relating to how easily a virus can be transmitted between nodes.  For example, connections spreading out from nodes on a college campus could be rated as strong connections.  This is because most colleges have very high bandwidth, allowing viruses to spread very quickly.  Viruses that spread via email, for instance, can send thousands of emails in minutes from an infected host machine on a college campus.  Other strong edges can include computers on the same network and infections caused by viruses that spread from a website with high traffic.  Examples of weak connections may be infections that only spread via physical media.  These viruses spread very slowly, as they are dependent on someone inserting an infected flash drive, CD, or other media into another machine.
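
The two network shapes and the strong/weak edges described above can be compared with a small model. This is an added example, not part of the original post; the host names and the per-step transmission probabilities (0.9 for a strong link, 0.05 for a weak one) are constructed assumptions. It shows why removing the source contains a hub-and-spoke outbreak but not a host-to-host one, and how much slower weak edges are.

```python
import heapq

# Constructed sample networks. Edge value = assumed probability that the
# infection crosses that link in one time step (strong 0.9, weak 0.05).
STAR = {"ad_server": {"pc1": 0.9, "pc2": 0.9, "pc3": 0.9}}
PEER = {
    "patient_zero": {"campus_a": 0.9, "home_pc": 0.05},  # campus LAN vs. flash drive
    "campus_a": {"campus_b": 0.9, "campus_c": 0.9},
    "campus_b": {"campus_d": 0.9},
    "home_pc": {"office_pc": 0.05},
}

def expected_arrival(graph, source, removed=frozenset()):
    """Expected time steps until each host is infected along its fastest
    path (mean delay of an edge with probability p is 1/p). Hosts in
    `removed` are offline or cleaned: they neither receive nor forward."""
    if source in removed:
        return {}
    dist, heap = {source: 0.0}, [(0.0, source)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue  # stale queue entry
        for nxt, p in graph.get(node, {}).items():
            if nxt in removed:
                continue
            nd = d + 1.0 / p
            if nd < dist.get(nxt, float("inf")):
                dist[nxt] = nd
                heapq.heappush(heap, (nd, nxt))
    return dist

def still_at_risk(graph, source, infected):
    """Clean hosts that can still be reached after `source` is taken down,
    given the set of hosts that were infected before the takedown."""
    at_risk = set()
    for host in infected - {source}:
        at_risk |= set(expected_arrival(graph, host, removed={source}))
    return at_risk - infected
```

In the star network the remaining clean hosts are safe once the source is gone; in the host-to-host network the already infected campus machine keeps the outbreak going, so every infected host has to be found and cleaned.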

The Internet, possibly one of the largest and most immense networks of all time, has aided in the spreading of information from one side of the globe to the other.  In a matter of seconds, a message can be sent from a student in Ithaca, NY to a friend in Beijing, China.  Unfortunately, though, this network has not always been used for the most benevolent purposes.  Within this large network of information lies another sub-network with a much more malicious intent.  Viruses can spread from one machine to the next through many means.  Even with this large threat of viruses, it’s still easy to stay safe on the internet.  If you always have antivirus software running on your computer, avoid websites that sound unsafe, don’t open strange emails, and simply use common sense on the web, you’ll be more than protected from most threats to your machine.

http://news.cnet.com/8301-1009_3-20110677-83/new-os-x-trojan-horse-sends-screenshots-files-to-remote-servers/?tag=mncol;txt

http://news.cnet.com/8301-1009_3-10351460-83.html

http://www.caida.org/publications/papers/2003/sapphire/sapphire.html

http://www.microsoft.com/security/pc-security/conficker.aspx
