Chapter 10 The Art of Anti-Malicious Software

Malicious software, coded intentionally by malicious programmers, is used to inflict damage on other people's computers, including hardware resources, files, system programs, and application programs; to steal other people's data; or to exploit other people's computer resources. Malicious software sneaks into an internal host through software loopholes or improper system configurations, or by luring unvigilant users into copying or downloading it to their computers. The ignorance and negligence of computer users are a major factor contributing to malicious software being widespread. Business travelers, a.k.a. road warriors, who use public access points and other untrustworthy networks also present enormous risks to corporate networks.

It is evident that firewalls and IDS/IPS alone are not sufficient to stop malicious software from entering internal computers. New methods are needed to detect, block, and remove malicious software. For this purpose, we need to understand how malicious software is structured, how it lives, and how it disseminates. In every art, there are a few principles and many techniques. The art of anti-malicious software is no exception. To learn this art, we will need to understand common kinds of malicious software, which include viruses, worms, Trojan horses, spyware, and zombieware. Malicious code that exploits software flaws and configuration loopholes in Web systems is also common.

This chapter is focused on virus defense, ...
