ITC595 Research Project: Malware: Past, Present, and Future


Added on  2025/05/03

ITC595 Research Project (MALWARE: PAST, PRESENT
AND FUTURE)
A. Author
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
author@first-third.edu.au
INTRODUCTION
Malware, or malicious software, is a software program that
harms a computer, mobile device, or network server by
exploiting the vulnerabilities present in the system. It is
developed by malicious developers to break into a system and
steal the crucial information it holds. Malware is also used to
disrupt communication or computing operations, to take over a
system's processing capacity, and to exploit the resources of
any system that is unprotected or loosely protected.
Information and resources stolen using malware cover a vast
range of crucial data, including personal information such as
bank details, account details, personal images, videos or
audio, addresses, organizational details, and many more.
This report discusses in detail the malware that has been
harming computers, mobile devices, and network servers since
its development. It describes the various types of malware and
how they operate.
OVERVIEW OF THE TECHNOLOGY INVOLVED
Basically, malware is specialized software disguised as
genuine software, with code written to disrupt the device it
interacts with. These programs are built to be persistent and
are therefore hard to remove from a device that has been
attacked or infected. Malware exists in numerous forms, such
as viruses, ransomware, worms, spyware, Trojans, adware, and
many more.
Virus- A virus is a type of malware which, once inside a
computer system, starts duplicating its own code by infecting
other programs present in the system. It requires the user of
the system to interact with the program containing the virus
in order to start its harmful processes. Once inside the
computer system, a virus can corrupt data, steal data, spread
across multiple systems connected to the infected system, and
more.
Ransomware- Ransomware is a type of malware which encrypts a
computer system and its data and demands a ransom. The system
stays blocked until the ransom is paid. This is the malware
most commonly used at present to demand ransoms from
individuals as well as large firms. With this malware, the
malicious programmer has access to all the data present in
the system.
Worms- A worm is a type of standalone malware which
duplicates itself inside a computer system and affects the
network bandwidth of the system. This type of malware does not
require the user to run the program; it operates on its own.
Once inside a system, it starts multiplying itself within the
system and infecting the files present in the system.
Spyware- Spyware is software which, once inside a computer
system, spreads within the system and starts recording the
processes or tasks performed on the infected system. This type
of malware does not harm the system itself but steals data
from it, harming the individual or firm using the system.
Trojans- Trojans are malware presented in the form of
authentic software/programs. This malware, like a virus,
requires the user to operate the system and run the program in
order to activate itself in the system. Trojans, unlike
viruses and worms, do not replicate, but stay in their
original form and harm the system [6].
CHALLENGES/PROBLEMS ASSOCIATED WITH MALWARE
The presence of malware is one of the biggest challenges
associated with the use of computers. Since malware is
regularly updated by the malicious programmers developing it,
eliminating malware is hardly possible. These programs can
never be stopped from being developed and shared among other
systems. Malware is present everywhere, and in large
quantities. The majority of cybercrime activities are
performed using malware to accomplish their motive. Malware
can be used to obtain information, to infiltrate
organizations' websites to acquire the crucial data present in
their systems, and the list of cyber-crimes goes on. These
programs are hard to detect and cause various challenges to
anti-cybercrime teams and professionals because they are built
to be undetectable and untraceable. The malicious programmers
use a bot network to remotely perform all the harmful
activities or steal information from the infected server or
device. Using botnets, hackers mostly connect numerous
infected devices or servers into a single network. This makes
detecting the actual culprit harder due to the presence of
multiple addresses for a single activity.
Some of the challenges and problems in the detection of
malware include:
Detection of code that is masked and obfuscated- Malware is
generally written with precise knowledge of coding. The
programmer uses various methods to mask the code and make it
complicated. This confuses anti-malware programs and makes the
malware hard to detect, or causes the program to be classified
as normal with no errors.
Detection of code in OS-related attacks- Some malware is
designed to attack systems with a specific OS installed. Such
malware is designed using the Goldilocks principle, which
states the requirement for a specific version of programs or
systems. Targets may include older OS versions which have not
been updated or may lack security protocols, and also
software programs of certain versions. Such systems and
programs do not regularly update their security features,
which makes entry of the malware easier and its detection
harder.
Detection of malware attacks in real time- Most anti-malware
software and programs are designed to detect threats and
issues only after the first attack on the system has been
detected. This means the system has to be infected before the
program is able to detect the threat. This attribute makes all
systems vulnerable, as the malware detection software is not
efficient enough to detect issues and threats before they have
been executed on the system or servers. This lack of
technology makes systems vulnerable to all real-time threats.
Distinguishing original code from risky code- Malware code is
mostly masked to look like the genuine or original code of the
software. Such code generally looks the same but is different
at its core. Malware detection programs generally scan each
piece of code to determine the faulty ones and remove them
from the system. The regular evolution of malware code to
resemble original source code makes it harder to detect and
isolate.
IDENTIFICATION OF ISSUES
The issues addressed in [1] include achieving high accuracy
in malware detection. In [1], the authors examined the use of
dynamic and static methods of malware detection. For the
static method, they discussed techniques for parsing malware
binaries to find the strings of code that are malicious and
harmful to systems and servers, as well as methodologies for
reverse-engineering the malware to identify the code used in
it and so find other similar malware. The authors also
discussed the dynamic method, in which programs are isolated
and quarantined so that their movement and activity can be
observed within a virtual space where they can be run safely.
To achieve high detection accuracy, [1] also used feature
selection by pruning/ranking, applying methods such as
Information Gain to select out the error codes from servers
and systems [3]. [1] also used supervised learning techniques,
in which details of problematic code were already fed into the
malware detection program so that it could predict malware
that could enter and infect a system. Using unsupervised
learning, [1] segregated clustered malware according to their
groups and prohibited their entry into the system.
[2], on the other hand, describes the use of the API calls
technique to detect malware within a program. This technique
helps in detecting the presence of malware by measuring the
level of maliciousness of a program or code. [2] uses this
method as it is widely used by programmers to detect malware.
They used rough set theory and N-gram analysis to detect
various new malware codes and prevent them from entering and
infecting any system. [3] in their research also used the
Information Gain method to detect the presence of malware. In
addition, they improved on it with another technique to reduce
the error rate in determining the presence of malware within a
system, program or server.
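The N-gram analysis and Information Gain ranking described in the two paragraphs above can be combined as follows. This is an added Python example, not code from this report or from the cited papers; the call names, traces and labels are constructed sample data, and the function names are chosen for illustration.

```python
import math
from collections import Counter

# Constructed sample data: abstract call traces, label 1 = malicious, 0 = benign.
SAMPLES = [
    (["Open", "Read", "Close"], 0),
    (["Open", "Write", "Close"], 0),
    (["Open", "Read", "Write", "Close"], 0),
    (["Open", "Read", "Encrypt", "Write", "Delete"], 1),
    (["Connect", "Open", "Read", "Send"], 1),
    (["Open", "Read", "Encrypt", "Write", "Delete", "Connect", "Send"], 1),
]

def ngrams(seq, n):
    """Distinct n-grams (as tuples) occurring in one token sequence."""
    return {tuple(seq[i:i + n]) for i in range(len(seq) - n + 1)}

def entropy(counts):
    """Shannon entropy in bits of a list of class counts."""
    total = sum(counts)
    return -sum(c / total * math.log2(c / total) for c in counts if c)

def information_gain(samples, n=2):
    """Map each n-gram to IG(label; n-gram present or absent) in bits."""
    feats = [(ngrams(seq, n), label) for seq, label in samples]
    labels = Counter(label for _, label in feats)
    base = entropy(list(labels.values()))
    gains = {}
    for gram in set().union(*(f for f, _ in feats)):
        present = Counter(label for f, label in feats if gram in f)
        absent = labels - present  # class counts of samples lacking the n-gram
        cond = sum(sum(part.values()) / len(feats) * entropy(list(part.values()))
                   for part in (present, absent) if part)
        gains[gram] = base - cond
    return gains

def top_features(samples, n=2, k=4):
    """The k highest-gain n-grams; ties are broken alphabetically."""
    gains = information_gain(samples, n)
    return sorted(gains, key=lambda g: (-gains[g], g))[:k]

if __name__ == "__main__":
    scores = information_gain(SAMPLES)
    for gram in top_features(SAMPLES):
        print(gram, round(scores[gram], 4))
```

Information Gain is symmetric: ("Write", "Close"), which occurs only in benign traces, scores as high as the n-grams that occur only in malicious traces, while ("Open", "Read"), present in five of the six traces, scores low and would be pruned.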
The main methodology used by [4] is machine learning, in
which algorithms were used within malware detection modules to
help optimize the centralized security of an enterprise
network. Their system was designed to provide enhanced
security, so that it could not only scan for or detect
post-infection malware but also secure a server or system by
preventing potentially harmful programs from entering the
network [5].
FUTURE OF MALWARE AND THEIR DETECTION SYSTEMS
New updates and techniques for detecting malware are being
developed rapidly and continuously. But the programmers
developing malware for use in dark web applications are also
adding newer types of programs and code to their databases.
Because no perfect system can be developed to completely
eliminate or prohibit the entry of malware programs, this race
will persist till the end of the system or till the
development of artificial intelligence which can auto-generate
its own code and simulate the problematic code. Advances in
current malware detection systems have almost built a barrier
that keeps the majority of these threats from entering a
system. The current era faces major newer malware such as
ransomware, spyware, and adware, which still persist in
systems connected to infected systems. This chase between
newer detection modules and newer malware continues. To limit
such activities, individuals and organizations can implement
safe operating procedures to prevent such programs from
entering the system and obtaining access to the crucial and
important details and data of the infected.
CONCLUSION
This report describes malware and the various processes and
techniques used to prevent and detect malware in a system,
server, or program. From this report, the various types of
malware can be known. We can also learn how each malicious
program inhibits a system, server, or program. The various
challenges, such as the detection of malware attacks in real
time, OS-related attacks, and the segregation of code
according to risk and threat, are described in this report.
This report also sheds light on the newer methodologies that
are implemented in detection systems to eliminate the presence
of malware and prevent it from entering systems. It also
states the present condition of malware attacks and the future
of their existence in servers, systems and programs. From this
report, we can understand the importance of detection systems
which can detect and eliminate malware entering a system, in
order to provide optimum security to the individuals and
enterprises using computer devices and servers for their daily
activities.
REFERENCES
[1] M. N. A. Zabidi, M. A. Maarof, and A. Zainal, “Challenges in high accuracy
of malware detection,” 2012 IEEE Control and System Graduate Research
Colloquium, 2012.
[2] Z. Salehi, A. Sami, and M. Ghiasi, “MAAR: Robust features to detect
malicious activity based on API calls, their arguments and return
values,” Engineering Applications of Artificial Intelligence, vol. 59, pp.
93–102, 2017.
[3] B. Zhang, J. Yin, J. Hao, S. Wang, D. Zhang, and W. Tang, “New Malicious
Code Detection Based on N-gram Analysis and Rough Set Theory,” 2006
International Conference on Computational Intelligence and Security,
2006.
[4] P. Singhal, “Malware Detection Module using Machine Learning
Algorithms to Assist in Centralized Security in Enterprise
Networks,” International Journal of Network Security & Its Applications,
vol. 4, no. 1, pp. 61–67, 2012.
[5] F. A. Narudin, A. Feizollah, N. B. Anuar, and A. Gani, “Evaluation of
machine learning classifiers for mobile malware detection,” Soft
Computing, vol. 20, no. 1, pp. 343–357, 2014.
[6] J. Steinberg, “Malware 101: An Overview of Malware Types,” Inc.com,
28-Dec-2017. [Online]. Available:
https://www.inc.com/joseph-steinberg/malware-101-an-overview-of-malware-types.html.
[Accessed: 19-May-2019].