
COS30015 IT Security : Malware Analysis

   

Added on  2022-09-28

COS30015 IT Security
Assignment 1 Research Project
Malware Analysis
ABSTRACT
Malware analysis is the process of examining malware to determine its
components and behaviour. In this study, two types of malware analysis
will be used: static analysis and dynamic analysis. Static analysis is a
type of malware analysis that does not require the malware to be
executed. Dynamic analysis is a malware analysis approach in which the
malware is run in a protected system [Mic12].
Malware analysis is essential because a great deal of malware these days
is not detected by antivirus software. Viruses are now designed with
the capacity to evade detection by antivirus software [GVi14]. This
report covers several talking points, such as the constraints of static
malware analysis, several tools for conducting dynamic malware analysis,
and de-obfuscating malware.
Keywords — Malware, Virus, Adware, Worm, Ransomware, Trojan,
Keylogger, Malware Analysis, Static Malware Analysis, Dynamic Malware
Analysis, Trends in Malware etc.
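The following is an added illustration, not part of the original report, of static analysis as the abstract defines it (nothing is executed) and of one constraint it runs into. The sample bytes, the indicator string and the single-byte XOR obfuscation are all constructed assumptions.

```python
import hashlib
import math
import re
from collections import Counter

# Constructed sample bytes (not real malware): a fake header, padding and
# one readable configuration string of the kind an analyst looks for.
INDICATOR = b"config_url=http://example.invalid/gate"
PLAIN = b"MZ\x90\x00" + b"\x00" * 32 + INDICATOR + b"\x00" * 16

def xor_bytes(data: bytes, key: int) -> bytes:
    """Single-byte XOR, the obfuscation assumed for this example."""
    return bytes(b ^ key for b in data)

OBFUSCATED = xor_bytes(PLAIN, 0xA7)  # same content, hidden from string search

def printable_strings(data: bytes, min_len: int = 6) -> list:
    """Runs of printable ASCII, as the Unix `strings` tool reports them."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, data)]

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values near 8 suggest packing or encryption."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage(data: bytes) -> dict:
    """Static triage: nothing in `data` is ever executed."""
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "strings": printable_strings(data),
        "entropy": round(shannon_entropy(data), 3),
    }

def recover_xor(data: bytes, marker: bytes = b"http") -> list:
    """Try every single-byte key; keep those whose output holds `marker`."""
    hits = []
    for key in range(1, 256):
        decoded = xor_bytes(data, key)
        if marker in decoded:
            hits.append((key, printable_strings(decoded)))
    return hits

if __name__ == "__main__":
    for name, blob in (("plain", PLAIN), ("obfuscated", OBFUSCATED)):
        print(name, triage(blob))
    print("recovered:", recover_xor(OBFUSCATED))
```

The obfuscated copy yields no strings and a different hash, yet its entropy is identical to the plain copy, so neither a string search nor an entropy threshold alone reveals it; the key search recovers the indicator without running anything.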
1. INTRODUCTION
Nowadays, the number of programmes developed for criminal and
unlawful purposes is rapidly increasing. Most of these applications are
malware designed to aid in the expansion of an organization's criminal
activities. Certainly, criminals employ malware to take control of
computers and acquire personal data and private information, or to
otherwise benefit from it. The increase in the amount of malware used to
commit crimes has prompted more digital forensic investigators to conduct
malware analysis and to employ technologies that were formerly only
available from antivirus manufacturers and security research
organisations. Malware forensics is now considered a branch of computer
forensics [Ess08]. Malware forensics is the process of identifying and
analysing unknown malware. Many modern malware programmes are
designed to avoid detection by antivirus software. As a result, it is critical
to provide malware analysts with detailed knowledge of malware's
capabilities so that they are aware of the potential for malware to cause
damage or steal data [GVi14].
2. WHAT IS MALWARE?
Malware is a term for malicious software that is created to harm a
computer system without the user's knowledge. As defined by Microsoft,
"[malware] is a catch-all term to refer to any software designed to cause
damage to a single computer, server, or computer network" [Mic09].
Malware can be classified in a variety of ways, the first of which is the
way the malicious software spreads. You have certainly seen or heard the
terms virus, trojan, and worm used interchangeably, although they describe
three subtly distinct ways malware can infect target computers, according
to Symantec [Bro19]:
- Virus: It is a program that embeds itself in the code of other
  programs, infecting them and forcing them to perform destructive and
  unwanted actions and spread.
- Trojan: It produces copies of itself and takes data. It's a malicious
  application that tries to infect other computers in a totally
  automated way without the assistance of external forces or different
  programmes. Trojans are portals in and of themselves. They, unlike
  worms, require a host to function. Some of the things hackers can
  use the Trojan for once it has been installed on your device are
  listed below:
  - Data can be deleted, modified, and captured.
  - As part of a botnet, the device will be harvested.
  - Smartphone surveillance.
  - Take control of your network.
- Worms: A worm is self-replicating malicious computer software
  that accesses the resources of devices and networks without the
  authentication or consent of the user. It consumes network
  bandwidth. Worms usually aim for pre-existing flaws in the operating
  system of the machines they want to infect.
Malware can be placed "manually" on a computer by attackers, either by
physically accessing the computer or through privilege escalation to
acquire remote administrator access.
Another way to classify malware is by what it does after infecting the
systems of its victims. Malware can employ a broad range of attack
methods, including:
- Spyware is defined by Webroot Cybersecurity as "malware used for
  the purpose of secretly gathering data on an unsuspecting
  user" [Web]. To summarize, it monitors your computer usage, as well
  as the data you transmit and obtain, with the goal of disclosing that
  information to a third party. A keylogger is a type of malware that
  records every single keystroke the user makes, making it ideal for
  collecting passwords.