Supplementary Reading
These texts are by Darrel Patrick Wash, who is a labor economist in the Division of Occupational Outlook, HLS.
Text 1
Artificial Intelligence
Do you want an omelet or pancakes for breakfast? Toast or a muffin? Just place your order with Robobutler and then go take your shower. When you are ready to eat, your personal robot will serve your meal, clean up the kitchen, and remind you of your day's business appointments. As this helpful little fellow hands you your briefcase at the door, he awaits your instructions for the day; you tell him to vacuum the floor, make the beds, do the laundry, and prepare dinner. Then you get in your car, tell it to drive you to work, sit back, and enjoy the morning paper.
If you think these machines sound too good to be real, you're right. Before Robobutler and other mechanical helpers can work the way we imagine, they will need to be able to understand human language, see and react to what they see the way a person would, and perform many other human-like actions, all of which are examples of artificial intelligence. But just what is artificial intelligence? How much of this technology already exists? And who is working to develop it further?
Artificial intelligence (AI) is not defined in the same way by all who use the term because of disagreement over what intelligent behavior is. One faction within the AI community defines intelligence as the ability to cope with change and to incorporate new information in order to improve performance. Existing technologies don't appear capable of this. The broader view, however, is that artificial intelligence is that which mimics human reasoning or sensing. We already see examples of this capability in expert systems, industrial robots, machine vision, parallel processing, and neural networks, all of which are discussed.
Because AI is hard to define, it is hard to state who works in it and to describe their occupations. Workers include researchers with advanced degrees and software designers who have a bachelor's degree in computer science with an emphasis on AI. Currently, relatively few people are engaged in developing AI products, no more than 8,000 according to knowledgeable sources. Rapid growth in demand for workers to develop this software is expected, but the number of new jobs in this area will still be relatively small.
Text 2
Antivirus Technology
Computer viruses represent a threat to the integrity of all computer systems but perhaps especially to networks where programs and data are shared to a greater extent than with standalone PCs. A network connection may make a computer more vulnerable to virus attack, but the same connection can also be used as part of an integrated system of defense against viruses.
Virus Basics
While the term "computer virus" has become common in the popular press over the last few years, it is quite often used inaccurately or out of context. This has given rise to many misapprehensions about what a virus is, how it works, and the harm that it can do.
The first step to protecting your network against viruses is a proper understanding of the nature of the adversary. This chapter therefore starts with look at viruses in general.
What Is a Virus?
Viruses fall into the broad category of malicious program codes. Most software is written to serve a useful purpose for the user, but programs have been written attempt to breach security, damage data, or display unwelcome messages.
Most of the code in this very wide category is designed to achieve its goal by being executed by an unwitting user. For example, a program for grabbing user passwords on a network might be called LOGIN EXE; the user attempts to log on using this program, which behaves like the real LOGIN.EXE except that it also writes the user's ID and password to a file for later use by an intruder. Programs of this type are called trojan horses or "trojans".
Viruses fall into the broad category of malicious code. What distinguishes viruses of trojan horse from other types is their ability to reproduce themselves. All viruses are trojan horses; they can propagate only if their code is executed by a person who is not aware of their existence. A password grabbing program malicious and dangerous, but it cannot propagate itself.
Virus code must execute to propagate. The most direct way to achieve this for a virus is to attach to a genuine executable program file in such a way that when the user runs the program, the virus code executes too. The virus can attach itself to other executables, from which it spreads to still more. Not all virus code needs to be attached to a file, however. Boot sector virus code copies itself from disk to disk.
Why Do Viruses Exist?
Every computer virus was written by someone who wanted it to infect other people's computer system. In some cases, that was all they wanted: the knowledge that their code was passing from computer to computer, many viruses have no direct effect on the computers that they affect other than the resources (disk space and memory) needed to propagate. These are not to be considered harmless though; virus code is complex and viruses can contain serious bugs that cause the virus to do things not intended by their author.
Some viruses are designed to propagate without the explicit intent of causing harm. These should also be considered as malicious. Any code that executes on your system without your knowledge or consent represents, as minimum, a breach of security and a potential risk to your data.
If viruses did no more than replicate, they would not represent a very serious problem. But the fact they replicate means that they can in theory carry out any task that can programmed on a large number of computers across the world. This is what seems to attract virus writers to the arcane art of low-level programming: the ability to gain temporary control of someone else's computer. This allows the virus writer to corrupt data, hang systems, display obscene or irritating messages on-screen, they decide to program which little fear of having to account for their actions. As a social activity, virus writing fits in somewhere among the arts - graffiti, defacing banknotes, and the kind of actual vandalism that results in prosecution.
Types of Viruses
Knowing how viruses spread and where they hide is vital to any effort to combat them. There are two basic infection categories:
· File Infector Viruses
· Boot Sector Viruses
There are one or two viruses that fit into both categories, but that is because these viruses use both types of propagation mechanism. The mechanisms themselves are completely different, as the next two sections explain.
File Infector Viruses
Remember that virus code must execute before it can propagate. The easiest way to get an unwitting user run code is to trick them into running it when they think they are running something else.
File infector viruses attach copies of their code to regular executable program files. When these are executed by the user, the virus code executes as well and it propagates itself to other program files. These are two basic types of file infector viruses:
Direct file infector viruses attach themselves to the program in such a way when the user executes the program, the virus code executes first. It copies itself to other programs and then passes execution to the original program. This means that the program runs normally, so the user suspects nothing until some time later.
Indirect file infector viruses are also attached to a regular program. When the program executes, the virus loads into RAM before allowing the real program to execute. It remains in RAM without infecting other files until sometime after the real program finishes. The virus only starts to infect other files at a later stage, as they are accessed for execution. Some indirect file infections infect any executable file that is accessed, even if the file is not executing
Boot Sector Viruses
Program files are not the only source of executable code on a computer. A boot sector stores itself in the first sector of a disk, moving the original boot code to a different, unused sector. The virus code executes and the virus looks for other devices with boot sectors. It also loads itself into RAM so that it can infect any other boot sectors that present themselves, such as when a file is copied to or a floppy disk. Finally, it passes execution to the original boot code.
All formatted floppy disks have a boot sector, not just "system" or bootable disks.
Stealth Viruses
Stealth viruses go their tracks in such a way as to make them difficult to detect. Typically, they watch out for attempts by antivirus programs to detect their presence in RAM or on disk and ensure that the antivirus programs get the "wrong" answers to any questions they ask the operating system.
An antivirus program, for example, may check for the existence of a boot sector virus by checking if the boot code is stored in the correct sector of the boot disk, a stealth virus that has moved the boot code to make room for itself intercepts the query from the antivirus program and returns the value that would have been returned had the disk not been infected. The antivirus program therefore reports that the disk has been checked and found not to have a boot sector virus. Stealth viruses are no longer new, and antivirus packages attempt to detect their activity.
Many anti-stealth programs try to detect stealth activity by watching for suspicious activity on the DOS interrupts normally used for disk access or by comparing reported file contents with the actual contents of the specific disk sector on which the file is stored. These methods cannot detect stealth virus activity on networked drives, which are not accessed using the same interrupts and which are not read straight from a disk sector.
Companion Viruses
Not all file infector viruses attach themselves directly to a host program file. Some attach themselves logically; they create files that execute instead of the host program file
Extension companions work as follows: if command (other than a DOS internal command) is issued and DOS finds two files in a directory with the same first name as the command but one having an extension of EXE and the other COM, the COM file executes. A companion virus may "infect" a file called PROGRAM.EXE, therefore, by creating a PROGRAM.COM in the same directory. This file contains the virus. When the user issues the PROGRAM command, the companion executes, runs its virus code, and then calls PROGRAM.EXE, making it look as if nothing out of the ordinary has happened.
Path companions are a little more indirect and can infect COM files too. They examine the DOS path and create a program of the same name in a directory with higher precedence in the DOS path than the program that they are infecting. So, if PROGRAM.EXE is stored in C:\BIN and the DOS path is С: \DOSVBIN, the companion is created in C:\DOS. Again, this companion program executes before the real program, does its virus thing, and then runs the real program.
The principal of these viruses is quite simple. They can fool some integrity checkers that merely note the existence of a new executable file by calculating a checksum for the new file and storing it in their database.
Polymorphic viruses
Early viruses replicated themselves precisely. When copying their code to a new host, whether a file or boot sector, they would copy the essential part bit. This was necessary so that the vital part of the virus code that propagated it was intact on the new host.
This made scanning for viruses' discovery relatively straightforward. Once a virus had been isolated and identified, a distinguishing pattern of bits from its could be extracted. A scanner program could simply check all executables code files for a pattern of bytes that matched this pattern and report an infection when discovered.
Polymorphic viruses are different. They produce offspring with the same functionality as themselves but using a different sequence of bytes. This means that there is no guarantee that a sequence of bytes found in one infection by a specific virus exists in another infection by the same virus. Each type of polymorphic viruses uses a different method to produce this inter – generational variation.
The simplest polymorphic viruses store most of their code in encrypted variation form. The key used to encrypt the code varies at each infection, with the result that scanners cannot match any given string from the virus code from one instance of the virus to the next. However, the encryption and decryption code are the same in all copies of the virus. Scanners can simply search for the encryption/decryption code to spot such a virus.
Some antivirus scanners examine the sequences of instructions in executable files and try to detect when the code is capable of "virus-like activity. Such scanners will not work with polymorphic viruses of this type as the virus-like" instructions have been encrypted and are not visible to the scanner.
More complex polymorgraphic viruses store multiple encryption mechanisms and choose between them at random when they infect. This means that a scanner must check each file several times to be certain of detecting an instance of even one such virus.
Other polymorphic viruses intersperse their own code with random instructions that are not executed, making it impossible for a scanner to identify any consistent pattern of bytes that would reveal for certain that a file was infected with even one variant of a virus.
Polymorphic viruses are the most difficult to detect and as a result, they are fast becoming the most common. When choosing an antivirus solution, bear this fact in mind and make sure that product you choose can reliably detect of this kind.
Macro Viruses
Not all computer code is binary; many applications have built-in macro languages that let the user to program a sequence of instructions to be ex by the application. The macro code is usually stored in its raw form that is, without being compiled, as is the case with COM or EXE files and is interpreted by the application at the time when the macro is executed.
While it has long been known that this type of code is capable of carrying a virus, it was not until late 1995 that the first such macro virus appeared “in the wild" on a significant scale. The WinWord Concept virus is attached to a Microsoft Word 6 document. When the infected document is opened, the virus installs itself in the global Word environment as a micro to be executed each time a document is loaded. From then on, any documents opened by copy of Word are infected with the virus.
The WinWord Concept virus appears to have been written to illustrate the principle of macro viruses rather than to cause any particular damage. However, within a few weeks of its launch, a variant, WinWord, Nuclear, was released that used the same basic mechanism as Winword Concept but caused significant damage on many computers. At least two more Word macro viruses have been released since then. Now that the principle has been established, we can expect macro viruses to become as much a part of everyday life as the more conventional binary viruses.
By now, every major antivirus product can scan files on disk to locate infected Word documents and settings files and remove the virus.
Содержание
Unit I Computer applications
Unit II Personal computing
Unit III Inside the system
Unit IV General features of operating system
Unit V Online services
Unit VI A walk-through word processing
Unit VII Databases
Unit VIII Multimedia
Unit IX A winning Web Page
Supplementary Reading
1. Artificial Intelligence
2. Expert Systems
Дата: 2019-02-25, просмотров: 325.