BANGALORE INSTITUTE OF TECHNOLOGY

K.R. Road, V.V. Puram, Bengaluru-560 004

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

Mini Project Work Synopsis

Computer Network Security (18CS52)

Title of Mini Project: Develop a worm

MINI PROJECT GROUP:

Sl. USN NAME Section Email-Id Signature

No.
1 1BI20CS074 Harsha Vardhan M N A Harshavardhanmn2002@gmail.com

2 1BI21CS402 Deepak S P A spdeepak599@gmail.com

3 1BI21CS409 Ranganath P A rp1126015@gmail.com

4 1BI21CS411 Sathvik S P A Skp412013@gmail.com

Faculty In-charge
Prof.Nagamani D R
 Contents

1. Introduction

2. Existing system and Proposed system

3. Problem Statement

4. Software/Hardware Requirement Specification

5. Block Diagram / Architecture

6. Applications

7. objectives

8. Reference
➢ INTRODUCTION
A computer worm is a standalone malware computer program that replicates itself
in order to spread to other computers. It often uses a computer network to spread
itself, relying on security failures on the target computer to access it. It will use this
machine as a host to scan and infect other computers. When these new worm-
invaded computers are controlled, the worm will continue to scan and infect other
computers using these computers as hosts, and this behavior will continue.

Computer worms use recursive methods to copy themselves without host programs
and distribute themselves based on the law of exponential growth, thus controlling,
and infecting more and more computers in a short time. Worms almost always cause
at least some harm to the network, even if only by consuming bandwidth, whereas
viruses almost always corrupt or modify files on a targeted computer.

Many worms are designed only to spread, and do not attempt to change the systems
they pass through. However, as the Morris worm and Mydoom worm even these
"payload-free" worms can cause major disruption by increasing network traffic and
other unintended effects.

➢ EXIXTING SYSTEM
The actual term "worm" was first used in John Brunner's 1975 novel, The
Shockwave Rider. In the novel, Nichlas Haflinger designs and sets off a data-
gathering worm in an act of revenge against the powerful men who run a national
electronic information web that induces mass conformity.

The second ever computer worm was devised to be an anti-virus software. Named
Reaper, it was created by Ray Tomlinson to replicate itself across the ARPANET
and delete the experimental Creeper program (the first computer worm, 1971).

On November 2, 1988, Robert Tappan Morris, a Cornell University computer

science graduate student, unleashed what became known as the Morris worm,
disrupting many computers then on the Internet, guessed at the time to be one tenth
of all those connected.
PROPOSED SYSTEM:
Python worm is a threat that automatically spread to other computers.
The virus was designed to accomplish this through a number of ways.
Worm can make a copy of itself to removable drives, emails, and exploited
network shared environment. This virus aims to spread quickly, especially on a
compromised network of computer.

CHARACTERISTICS OF PROPOSED SYSTEM:

• Independence
A worm does not need a host program, as it is an independent program or code
chunk. Therefore, it is not restricted by the host program, but can run independently
and actively carry out attacks.
• Complexity
Some worms are combined with web page scripts, and are hidden in HTML pages
using VBScript, ActiveX, and other technologies. When a user accesses a webpage
containing a virus, the virus automatically resides in memory and waits to be
triggered. There are also some worms that are combined with backdoor programs or
Trojan horses, such as "Code Red"
• Contagiousness
Worms are more infectious than traditional viruses. They not only infect local
computers, but also all servers and clients on the network based on the local
computer. Worms can easily spread through shared folders, e-mails, malicious web
pages, and servers with a large number of vulnerabilities in the network.

➢ PROBLEM STATEMENT
To develop a worm that can replicate it self on its own. Only for educational purpose.
Because a worm is not limited by the host program, worms can take advantage of
various operating system vulnerabilities to carry out active attacks and this worm
automatically spread to other computers. The virus was designed to
accomplish this through a number of ways. Worm can make a copy of itself to
removable drives, emails, and exploited network shared environment. This virus
aims to spread quickly, especially on a compromised network of computer.
➢ REQUIREMENTS
Software requirements:
We will need two modules to write a worm.
• OS module it is the most important module and we will utilize it to list all files
and directories alongside retrieving the absolute paths.
• Shutil is used to copy file contents., by using shutil.copyfile() method.
• Python 3.4.0
Python is a high-level, general-purpose programming language. Its design
philosophy emphasizes code readability with the use of significant indentation.

Hardware requirements:
A computer or device to act as a target computer to exploit using the worm.

➢ STRUCTURE AND DESIGN OF WORM

➢ APPLICATION & OBJECTIVES

• As a payload:
Any code designed to do more than spread the worm is typically referred
to as the "payload". Typical malicious payloads might delete files on a
host system (e.g., the ExploreZip worm), encrypt files in a ransomware
attack, or exfiltrate data such as confidential documents or passwords.

• Install backdoor
Some worms may install a backdoor. This allows the computer to be
remotely controlled by the worm implanter. Networks of such machines
are often referred to as botnets and are very commonly used for a range
of malicious purposes, including sending spam or performing DoS
attacks.

• Affecting Industrial systems

Some special worms attack industrial systems in a targeted manner.
Stuxnet was primarily transmitted through LANs and infected thumb-
drives, as its targets were never connected to untrusted networks, like the
internet. This virus can destroy the core production control computer
software used by chemical, power generation and power transmission
companies in various countries around the world

• Detecting Vulnerability
A helpful worm or anti-worm is a worm designed to test the Ethernet
principles on the network. The example, Nachi worms tried to download
and install patches from Microsoft's website to fix vulnerabilities in the
host system by exploiting the vulnerabilities and this made these systems
more secure.
Other examples of helpful worms are “Welchia “, "Den Zuko", "Cheeze",
"CodeGreen", and "Millenium".

➢ REFERENCE
• Computer worm - Wikipedia
• Hybrid Epidemics—A Case Study on Computer Worm Conficker - PMC
(nih.gov)