Methods to prevent viruses
Typically, the kernel is the heart, the most fundamental part of the operating system. Moreover, it implements the critical security functions of the operating system, which include access control and authentication. It also promotes separation, verifiability and complete coverage. The kernel is a computer program that sits at the core of the operating system with absolute control over everything in the system. Consequently, the kernel mediates the interactions between the hardware and software components (Schoenfield, 2015). The kernel also represents the highest level of privilege in the operating system of a modern general-purpose computer. In that regard, it arbitrates access to protected hardware controls and decides how limited resources such as physical memory and the CPU are used by processes on the OS. Again, when a process on the operating system wants to access the network or files, or to view configuration data, the kernel is responsible for deciding whether it is appropriate for the process to perform those actions and for carrying them out.
Once computers have been compromised, most hackers seek means to hide their presence on the compromised systems from the administrators and users of those systems. There is a tool known as a rootkit that can be used to obtain root access to the system (Schoenfield, 2015). Rootkits work by modifying system software, but such modifications can easily be detected unless the kernel of the operating system is modified as well. Hence, the most logical step for computer hackers is to compromise the kernel of the OS. A compromised kernel can deceive users, other programs and administrators of the system, defeating their means of detection. A kernel is extremely attractive because it allows complete access to all processes and components on a computer.
Explanation:
The main reason why the designer installs security software into the kernel, even though it is quite dangerous, is to gain every privilege that the kernel possesses. Moreover, he or she can easily make changes to file systems and also reach areas that software installed in user mode cannot reach. This is very significant, as it gives the designer the flexibility to access and operate without any limitations.
As discussed above, the kernel has visibility of almost everything in the operating system, including all the drivers and their associated activity flowing through the kernel. To observe all the activities in the operating system and be secure against any malicious act by attackers, the security software needs to achieve full visibility (Schoenfield, 2015). Typically, this is made possible by executing the software inside the kernel. However, as soon as the kernel software starts, the flow is from the kernel to the user. Hence, it becomes easier to prevent an attack on the kernel by malicious individuals.
Other methods to prevent viruses –
There is still a high chance of attackers invading the kernel via the initialization sequence of a kernel driver, mainly during startup. Moreover, that call cannot be done away with, because the kernel drivers must start. The kernel services require starting and opening, and this open call is an attack surface that needs to be mitigated. Therefore, the kernel driver should not grant access to just any binary. Enforcing this by not allowing an arbitrary binary to open the driver prevents exposing an attack surface to whatever program code happens to run on the operating system. Again, the attack surface can be curtailed if the kernel driver performs some sort of validation that permits only the one genuine antivirus engine to open it (Schoenfield, 2015). This kind of authentication can be provided through several methods, such as binary signature validation over the binary's hash. Binary signature validation is a method that guarantees that the downloaded software or program code has not been tampered with or corrupted after being signed by the publisher.
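The open-call check described above, as an added illustration that is not code from the essay or from Schoenfield: a simulated driver gate that hashes the calling binary with SHA-256 and accepts the open only if the hash carries a valid signature from the trusted publisher key. The Ed25519 scheme, the DriverGate type and the sample binaries are assumptions for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// DriverGate stands in for the kernel driver's open handler (hypothetical type).
// Only a binary whose SHA-256 hash is signed by the trusted publisher key may open it.
type DriverGate struct {
	publisherKey ed25519.PublicKey // trusted antivirus publisher key
	opened       bool
}

var ErrUntrustedCaller = errors.New("open refused: caller is not the signed antivirus engine")

// Open hashes the caller's binary and verifies the publisher signature before granting access.
func (g *DriverGate) Open(callerBinary, signature []byte) error {
	digest := sha256.Sum256(callerBinary)
	if !ed25519.Verify(g.publisherKey, digest[:], signature) {
		return ErrUntrustedCaller
	}
	g.opened = true
	return nil
}

// SignBinary is the publisher's release-time step: sign the hash of the shipped engine.
func SignBinary(priv ed25519.PrivateKey, binary []byte) []byte {
	digest := sha256.Sum256(binary)
	return ed25519.Sign(priv, digest[:])
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	gate := &DriverGate{publisherKey: pub}
	engine := []byte("constructed sample: genuine antivirus engine bytes")
	sig := SignBinary(priv, engine)
	fmt.Println("genuine engine:", gate.Open(engine, sig)) // <nil>
	tampered := append([]byte{}, engine...)
	tampered[0] ^= 0xff // one flipped byte invalidates the hash, so the signature fails
	fmt.Println("tampered engine:", gate.Open(tampered, sig))                  // open refused
	fmt.Println("unsigned binary:", gate.Open([]byte("other program"), nil)) // open refused
}
```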
A designer can also use spyware that easily detects when a computer has a virus. Again, the software steals information or collects usage data even when it comes from a legitimate or reputable source (Schoenfield, 2015). Lastly, a designer can use a strong, complex password, for instance one with a mix of symbols, letters and numbers, to prevent attackers from gaining access to the software.