Comprehensive Report on Malware Analysis and Prevention Methods
VerifiedAdded on 2023/02/01
|13
|4069
|89
Report
AI Summary
This report provides a comprehensive overview of malware, encompassing its definition, purpose, and various classifications such as viruses, worms, Trojan horses, and ransomware. It delves into the significance of malware in the digital age, highlighting the increasing concerns surrounding data privacy and security. The report explores different malware analysis techniques, including static, dynamic, and hybrid approaches, explaining their methodologies and applications. Furthermore, it examines various malware detection techniques, such as signature-based, specification-based, and heuristic-based methods. The report also emphasizes preventive measures to safeguard systems against malware attacks, offering insights into the evolving landscape of cyber threats and the importance of proactive security strategies. The report concludes by summarizing key findings and emphasizing the need for continuous vigilance in the face of increasingly sophisticated malware threats.
Table of Contents
Introduction......................................................................................................................................2
What is Malware?............................................................................................................................2
Purpose of Malware.........................................................................................................................2
Malware classification.....................................................................................................................3
Virus:...........................................................................................................................................3
Worm:..........................................................................................................................................4
Trojan Horse:...............................................................................................................................4
RootKit:.......................................................................................................................................4
Exploit Kit:..................................................................................................................................4
Spyware:......................................................................................................................................5
Adware:........................................................................................................................................5
Ransomware:...............................................................................................................................5
Anti-Malware Analysis Technique..................................................................................................6
Static Analysis:............................................................................................................................6
Dynamic Analysis:.......................................................................................................................6
Hybrid Analysis:..........................................................................................................................7
Malware detection techniques.........................................................................................................7
Signature-Based malware detection............................................................................................7
Specification-based Malware detection.......................................................................................8
Heuristic based techniques..........................................................................................................8
Prevention from Malwares..............................................................................................................8
Conclusion.....................................................................................................................................11
References......................................................................................................................................12
Introduction......................................................................................................................................2
What is Malware?............................................................................................................................2
Purpose of Malware.........................................................................................................................2
Malware classification.....................................................................................................................3
Virus:...........................................................................................................................................3
Worm:..........................................................................................................................................4
Trojan Horse:...............................................................................................................................4
RootKit:.......................................................................................................................................4
Exploit Kit:..................................................................................................................................4
Spyware:......................................................................................................................................5
Adware:........................................................................................................................................5
Ransomware:...............................................................................................................................5
Anti-Malware Analysis Technique..................................................................................................6
Static Analysis:............................................................................................................................6
Dynamic Analysis:.......................................................................................................................6
Hybrid Analysis:..........................................................................................................................7
Malware detection techniques.........................................................................................................7
Signature-Based malware detection............................................................................................7
Specification-based Malware detection.......................................................................................8
Heuristic based techniques..........................................................................................................8
Prevention from Malwares..............................................................................................................8
Conclusion.....................................................................................................................................11
References......................................................................................................................................12
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Introduction
Privacy is one of the resonating terms in the 21st century. In earlier days when the world was not
so digitized we had no concern about our digital privacy but now with increasing use of digitized
systems we cannot deny the fact that now before indulging in anything new from this digital
domain we have to make sure that our identity is safe and no one is going to misuse that if we are
providing it to someone. Our privacy is linked with our data because when online we are
represented by our data and not physically. This data can be anything, from your security number
to your day-to-day GPS locations. We all are aware of ‘data is the new gold’ phrase but are we
aware of malware? These are the basic tools to make data theft easy and hence are of prime
concern to us. Loky, Petya, WannaCry are some of the famous recent malware know to us.
What is Malware?
If we look closely ‘Malware’ is a blend of two words ‘malicious’ and ‘software’. Malwares are
nothing but some software designed intentionally to damage the computer network. [1]
Malwares can take any form, from an executable code to an advertisement. [2] Malwares are
malicious because their intent is not in favor of the user. Malwares are different from bugs in
which the software lacks something that ultimately proves to be harmful for the user.
If a company has issued a software and the concerned company does not supply full information
about the data they are accessing from user’s end then also the software is considered as malware
because the user has not given his/her prior consent to access the data.
Purpose of Malware
Malwares are generated in order to hack the system. Recently, malwares are used extensively to
get unauthorized access on the websites of a government or corporate organizations to garner
information or to disrupt the systems.[3] Some malwares are used to generate money online by
showing advertisement and using click frauds.
Privacy is one of the resonating terms in the 21st century. In earlier days when the world was not
so digitized we had no concern about our digital privacy but now with increasing use of digitized
systems we cannot deny the fact that now before indulging in anything new from this digital
domain we have to make sure that our identity is safe and no one is going to misuse that if we are
providing it to someone. Our privacy is linked with our data because when online we are
represented by our data and not physically. This data can be anything, from your security number
to your day-to-day GPS locations. We all are aware of ‘data is the new gold’ phrase but are we
aware of malware? These are the basic tools to make data theft easy and hence are of prime
concern to us. Loky, Petya, WannaCry are some of the famous recent malware know to us.
What is Malware?
If we look closely ‘Malware’ is a blend of two words ‘malicious’ and ‘software’. Malwares are
nothing but some software designed intentionally to damage the computer network. [1]
Malwares can take any form, from an executable code to an advertisement. [2] Malwares are
malicious because their intent is not in favor of the user. Malwares are different from bugs in
which the software lacks something that ultimately proves to be harmful for the user.
If a company has issued a software and the concerned company does not supply full information
about the data they are accessing from user’s end then also the software is considered as malware
because the user has not given his/her prior consent to access the data.
Purpose of Malware
Malwares are generated in order to hack the system. Recently, malwares are used extensively to
get unauthorized access on the websites of a government or corporate organizations to garner
information or to disrupt the systems.[3] Some malwares are used to generate money online by
showing advertisement and using click frauds.
Malware classification
Classification of malware can be different based on the criteria on which malwares are classified.
The basic criterion depends on the type of work a malware performs. Traditional malwares
include viruses, worms, Trojan horse, etc. Some advanced malwares in which adware, spyware,
ransomware and bots, etc. are classified. We will discuss in brief some of these malwares which
are found on the web.
Image Source: https://medium.com/s/the-firewall/episode5-antimalware-software-b255b627c879
Virus:
This type of malicious software is the most common among the general public. The target area of
a virus is any legitimate file in which an unintended code is inserted without notifying the user.
This code then transfers with the infected file whenever a transfer takes place.[4] Viruses are
self-replicating in nature. Creeper was the first virus to be detected on ARPANET in 1970. Elk
Cloner was the first computer virus appeared in 1982. A computer virus must contain search
routine so that it can copy itself to a location where the search routine locates.
Classification of malware can be different based on the criteria on which malwares are classified.
The basic criterion depends on the type of work a malware performs. Traditional malwares
include viruses, worms, Trojan horse, etc. Some advanced malwares in which adware, spyware,
ransomware and bots, etc. are classified. We will discuss in brief some of these malwares which
are found on the web.
Image Source: https://medium.com/s/the-firewall/episode5-antimalware-software-b255b627c879
Virus:
This type of malicious software is the most common among the general public. The target area of
a virus is any legitimate file in which an unintended code is inserted without notifying the user.
This code then transfers with the infected file whenever a transfer takes place.[4] Viruses are
self-replicating in nature. Creeper was the first virus to be detected on ARPANET in 1970. Elk
Cloner was the first computer virus appeared in 1982. A computer virus must contain search
routine so that it can copy itself to a location where the search routine locates.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Worm:
Like virus, worms are also self-replicating in nature but they are transferred from one system to
another using a ‘computer network’. [5] Worms wait for a security failure for the targeted
computer to enter into them. Worms affect the bandwidth of the network by occupying the
available space and without affecting the files, unlike viruses which corrupt the entire file.
One well-known worm named Morris worm created by Robert Tappan Morris was released in
1988.
Trojan Horse:
Trojans appear as real/legitimate but are intended to use for illegitimate advantages. [6]
Nowadays most computers are loaded with Trojans. They can take any form like a survey form,
an advertisement. E-mail or any other infected site can become the source of Trojan. Trojans can
cause severe problems as a user might end up filling some confidential information in an
illegitimate form having a legitimate look. Hence to fulfill the requirement of a Trojan software a
user must execute it. Trojans can be backdoor, Exploit, Rootkit etc.
RootKit:
Rootkit, as its name suggests, is a malicious code which is hidden deep inside the root of the
user's computer. The term 'kit' refers to the collection of malicious programs. The rootkit is
installed when the attacker gets administrative access on the user's system. This is the most
severe type of malware as the attacker has administrative or root level access on the computer.
All the files are then in control of the attacker who is now the administrator of the system.
Detection of rootkit is also a very difficult task to perform as the software which is intended to
find the rootkit can be subverted by the rootkit. The ultimate solution if rootkit seems to be the
reinstallation of the operating system. A rootkit is different from bootkit as bootkit attacks on
the boot level and not on the kernel.
Exploit Kit:
Exploit kit also called exploit pack is used to weaken the system so that new malware can be
introduced to perform the malicious activities. A user is made lured to click on a spammed email
or any other means so that the system can be connected to an exploit kit server. Now, the attacker
can download and run the malware program in the victim's system. Exploit kit is the most
popular method of remote access malware.
Like virus, worms are also self-replicating in nature but they are transferred from one system to
another using a ‘computer network’. [5] Worms wait for a security failure for the targeted
computer to enter into them. Worms affect the bandwidth of the network by occupying the
available space and without affecting the files, unlike viruses which corrupt the entire file.
One well-known worm named Morris worm created by Robert Tappan Morris was released in
1988.
Trojan Horse:
Trojans appear as real/legitimate but are intended to use for illegitimate advantages. [6]
Nowadays most computers are loaded with Trojans. They can take any form like a survey form,
an advertisement. E-mail or any other infected site can become the source of Trojan. Trojans can
cause severe problems as a user might end up filling some confidential information in an
illegitimate form having a legitimate look. Hence to fulfill the requirement of a Trojan software a
user must execute it. Trojans can be backdoor, Exploit, Rootkit etc.
RootKit:
Rootkit, as its name suggests, is a malicious code which is hidden deep inside the root of the
user's computer. The term 'kit' refers to the collection of malicious programs. The rootkit is
installed when the attacker gets administrative access on the user's system. This is the most
severe type of malware as the attacker has administrative or root level access on the computer.
All the files are then in control of the attacker who is now the administrator of the system.
Detection of rootkit is also a very difficult task to perform as the software which is intended to
find the rootkit can be subverted by the rootkit. The ultimate solution if rootkit seems to be the
reinstallation of the operating system. A rootkit is different from bootkit as bootkit attacks on
the boot level and not on the kernel.
Exploit Kit:
Exploit kit also called exploit pack is used to weaken the system so that new malware can be
introduced to perform the malicious activities. A user is made lured to click on a spammed email
or any other means so that the system can be connected to an exploit kit server. Now, the attacker
can download and run the malware program in the victim's system. Exploit kit is the most
popular method of remote access malware.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Spyware:
Spyware is basically a software which is installed on the users’ system without even notifying
him/her. As mentioned in the “what is malware?” section these type of software are also
considered as malwares. This software derives information from the user’s end and then transfer
it to the concerned person/company who created that software without the consent of the user.
[7]
Spywares are able to collect data related to internet surfing in terms of cookies, user login details,
confidential information related to bank and credit cards. Installation of unwanted software
automatically and redirection of web browser hint towards the spyware attack.
Adware:
Advertising-support-software or Adware are the tools used by the advertisement creator to
generate money. Free softwareis embedded with these type of software too. Revenue is
generated based on the number of views or pay-per-click basis.
Ransomware:
For the last few years, ransomware attacks have become a common thing. Many govt. and Pvt.
organizations sometimes found their screen locked so that they are not able to access the system,
they find a message in which the attacker asks for ransom in terms of cryptocurrency. [8]
According to some studies, approximately 25% of the victims pay the ransom amount and in that
also 30% don’t get back their files even after the ransom payment has been done by them.
Ransomware can be in the form of Trojan. To avoid critical situations of ransomware attacks
user must have an offline backup of their important files
.
Spyware is basically a software which is installed on the users’ system without even notifying
him/her. As mentioned in the “what is malware?” section these type of software are also
considered as malwares. This software derives information from the user’s end and then transfer
it to the concerned person/company who created that software without the consent of the user.
[7]
Spywares are able to collect data related to internet surfing in terms of cookies, user login details,
confidential information related to bank and credit cards. Installation of unwanted software
automatically and redirection of web browser hint towards the spyware attack.
Adware:
Advertising-support-software or Adware are the tools used by the advertisement creator to
generate money. Free softwareis embedded with these type of software too. Revenue is
generated based on the number of views or pay-per-click basis.
Ransomware:
For the last few years, ransomware attacks have become a common thing. Many govt. and Pvt.
organizations sometimes found their screen locked so that they are not able to access the system,
they find a message in which the attacker asks for ransom in terms of cryptocurrency. [8]
According to some studies, approximately 25% of the victims pay the ransom amount and in that
also 30% don’t get back their files even after the ransom payment has been done by them.
Ransomware can be in the form of Trojan. To avoid critical situations of ransomware attacks
user must have an offline backup of their important files
.
Anti-Malware Analysis Technique
Given what malware can do, it is very important for us to make sure that we are also ready with
our weapons – The anti-malware tools. The purpose of malware analysis is to understand it and
make a defense against it. It is more like a vaccine that is given to a child to protect from a
particular disease in time to come. In the anti-malware analysis, the samples of the malware to be
tested is collected and appropriate measures are taken to correct the situation. The results of the
analysis are utilized to understand the functionality of the malware.
There are basically three types of techniques we use in order to prevent systems from any sort of
malware attack.
Static Analysis:
It is precisely called ‘static code analysis’. To analyze the type of malware we do not need to run
or execute the program instead we can use some reverse engineering tools like debugging,
decompile, disassemble. [9] The information after the aforementioned processes is stored in a
source code file. The opcode is extracted from the source code file in order to gain the behavioral
knowledge of the malware. In this way, we can succeed in our task to identify the malicious
programme. This type of analysis is named so because in this method the malicious programme
is tested on a separate virtual machine to make make the malware feel like its ground to perform
an action. The virtual machine is not affected because its only purpose is to make the appropriate
platform for the malware and it is not used as the actual machine.
A malware is tested on the virtual machine and the result is collected of the behavioral analysis
of the malware to further make an anti-malware program.
Dynamic Analysis:
Dynamic analysis includes execution of the malware to actually check its behavior, hence it is
also called ‘behavioral analysis’. If a file is suspected to be infected then it is run over a virtual
platform and not on the actual platform. [10] During dynamic analysis indicators related to
technical behavior like IP address, domain name, the path of the file, registry keys, etc. are
extracted from the infected file. During dynamic analysis, communication is maintained with the
attacker’s platform in order to track activities to further analyze its behavior. Today sandboxes
Given what malware can do, it is very important for us to make sure that we are also ready with
our weapons – The anti-malware tools. The purpose of malware analysis is to understand it and
make a defense against it. It is more like a vaccine that is given to a child to protect from a
particular disease in time to come. In the anti-malware analysis, the samples of the malware to be
tested is collected and appropriate measures are taken to correct the situation. The results of the
analysis are utilized to understand the functionality of the malware.
There are basically three types of techniques we use in order to prevent systems from any sort of
malware attack.
Static Analysis:
It is precisely called ‘static code analysis’. To analyze the type of malware we do not need to run
or execute the program instead we can use some reverse engineering tools like debugging,
decompile, disassemble. [9] The information after the aforementioned processes is stored in a
source code file. The opcode is extracted from the source code file in order to gain the behavioral
knowledge of the malware. In this way, we can succeed in our task to identify the malicious
programme. This type of analysis is named so because in this method the malicious programme
is tested on a separate virtual machine to make make the malware feel like its ground to perform
an action. The virtual machine is not affected because its only purpose is to make the appropriate
platform for the malware and it is not used as the actual machine.
A malware is tested on the virtual machine and the result is collected of the behavioral analysis
of the malware to further make an anti-malware program.
Dynamic Analysis:
Dynamic analysis includes execution of the malware to actually check its behavior, hence it is
also called ‘behavioral analysis’. If a file is suspected to be infected then it is run over a virtual
platform and not on the actual platform. [10] During dynamic analysis indicators related to
technical behavior like IP address, domain name, the path of the file, registry keys, etc. are
extracted from the infected file. During dynamic analysis, communication is maintained with the
attacker’s platform in order to track activities to further analyze its behavior. Today sandboxes
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
are used as the basic tool for dynamic analysis. Here the virtual machine is not utilized as the
running of the malware takes place on the actual system. The technical aspects of the system are
assessed and recorded to compare it from the malware free setup. The comparison yields the
results which are used in making an anti-malware program to eliminate the malware from the
system.
Hybrid Analysis:
The hybrid analysis uses both kinds of tools used in the earlier two types of analyses. There are
certain limitations in static analysis and the same is true for the dynamic analysis. To overcome
the limitations of both the analysis tools or we can say to make use of one analysis into the other
we use a full-fledged hybrid analysis. In hybrid analysis both, the static and the dynamic
malware behave as complementary to each other. In the hybrid approach of malware analysis,
First signature specifications are identified for a file, these are further combined with the other
behavioral parameters for overall malware analysis.
Malware detection techniques
Detection techniques are aimed at detecting the malware so that systems can be prevented from
being damaged. If detection from malware is not considered then it turns out as a great threat to
the user and the system. Malware detection involves many ways and stages but detection
techniques are again classified into three categories. First one is Signature-Based malware
detection which is used by most of the anti-viruses. The second one is Specification-based
malware detection and finally, Heuristic-based techniques are employed for malware detection
purpose.
Signature-Based malware detection
Have you ever observed when you run an anti-virus software it scans all your desired files for
which you suspect the presence of malware? This antivirus software after getting the results of
the scanned process compare the results with ‘code signatures’ of already known viruses. In this
manner, the detection of any sort of known virus is performed. One important thing is to note
running of the malware takes place on the actual system. The technical aspects of the system are
assessed and recorded to compare it from the malware free setup. The comparison yields the
results which are used in making an anti-malware program to eliminate the malware from the
system.
Hybrid Analysis:
The hybrid analysis uses both kinds of tools used in the earlier two types of analyses. There are
certain limitations in static analysis and the same is true for the dynamic analysis. To overcome
the limitations of both the analysis tools or we can say to make use of one analysis into the other
we use a full-fledged hybrid analysis. In hybrid analysis both, the static and the dynamic
malware behave as complementary to each other. In the hybrid approach of malware analysis,
First signature specifications are identified for a file, these are further combined with the other
behavioral parameters for overall malware analysis.
Malware detection techniques
Detection techniques are aimed at detecting the malware so that systems can be prevented from
being damaged. If detection from malware is not considered then it turns out as a great threat to
the user and the system. Malware detection involves many ways and stages but detection
techniques are again classified into three categories. First one is Signature-Based malware
detection which is used by most of the anti-viruses. The second one is Specification-based
malware detection and finally, Heuristic-based techniques are employed for malware detection
purpose.
Signature-Based malware detection
Have you ever observed when you run an anti-virus software it scans all your desired files for
which you suspect the presence of malware? This antivirus software after getting the results of
the scanned process compare the results with ‘code signatures’ of already known viruses. In this
manner, the detection of any sort of known virus is performed. One important thing is to note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
here that the antivirus software has to be updated in order to keep its database updated in terms
of the code signatures of already known viruses. [11] Vendor of antivirus software updates the
new file of code signatures of latest viruses on a real-time basis in order to avoid ‘zero-day
vulnerabilities’. Basically, while scanning the file, an antivirus software looks for the sequence
of bytes to detect the malicious programme and this takes place in a short interval of time. The
major limitation of signature-based malware detection is that during run time semantics of
instructions are ignored and this gives rise to malware obfuscation. [12]
Specification-based Malware detection
It is a rule-based detection technique. The maliciousness of a program is decided by a certain set
of rules. If during the process the rules do not get followed than the presence of maliciousness is
certain.[13] Unlike in earlier signature-based model in this technique, semantic instructions are
incorporated. This detection method is a derivation of anomaly based method. This method of
detection limits the way it specifies the behavior of the program. A tool named ‘Panorama’ is
used to avoid such instances. [14]
Heuristic based techniques
The heuristic-based technique applies a number of methods to detect malware. Static method of
heuristic technique uses decompilation of source code and then extracting the opcode from the
newly generated source code file. [15]
In another method of heuristic search which is called the dynamic method, a virtual platform is
utilized to run the suspected program and then its behavior is noticed to avoid further disruptions
to the system. [16]
For an overall and best detection technique, all the detection techniques are employed altogether.
Prevention from Malwares
We know that some bacteria are good for us and some are bad for us. But as far as we have
discussed, no malware is our friend unless one himself is an attacker. To avoid the devastating
attack on the system we must take care of it. We have to walk some extra mile to secure our
of the code signatures of already known viruses. [11] Vendor of antivirus software updates the
new file of code signatures of latest viruses on a real-time basis in order to avoid ‘zero-day
vulnerabilities’. Basically, while scanning the file, an antivirus software looks for the sequence
of bytes to detect the malicious programme and this takes place in a short interval of time. The
major limitation of signature-based malware detection is that during run time semantics of
instructions are ignored and this gives rise to malware obfuscation. [12]
Specification-based Malware detection
It is a rule-based detection technique. The maliciousness of a program is decided by a certain set
of rules. If during the process the rules do not get followed than the presence of maliciousness is
certain.[13] Unlike in earlier signature-based model in this technique, semantic instructions are
incorporated. This detection method is a derivation of anomaly based method. This method of
detection limits the way it specifies the behavior of the program. A tool named ‘Panorama’ is
used to avoid such instances. [14]
Heuristic based techniques
The heuristic-based technique applies a number of methods to detect malware. Static method of
heuristic technique uses decompilation of source code and then extracting the opcode from the
newly generated source code file. [15]
In another method of heuristic search which is called the dynamic method, a virtual platform is
utilized to run the suspected program and then its behavior is noticed to avoid further disruptions
to the system. [16]
For an overall and best detection technique, all the detection techniques are employed altogether.
Prevention from Malwares
We know that some bacteria are good for us and some are bad for us. But as far as we have
discussed, no malware is our friend unless one himself is an attacker. To avoid the devastating
attack on the system we must take care of it. We have to walk some extra mile to secure our
system. Following are the methods we can implement to get the system secured. These methods
are broadly inspired by the aforementioned techniques and analyses.
1. Install an anti-malware software – This is the most important and the ultimate step we
need to consider to avoid future glitches. Every system, if it is not idle, is in one way or
another is connected to the World Wide Web, so there are chances that a system may
encounter any sort of malware.[17] Using protectionist measures such as firewall, anti-
malware, anti-ransomware provide some extra layers of security to the user. User can
install appropriate software from their official online store or can purchase from some
authentic sources. To name some, Norton. McAfee, AVG, Quick Heal etc. are some of
the most used protectionist software.
2. Update the anti-malware software - If ‘prevention is better than cure than that cure must
not be outdated’. As already mentioned, an antivirus software uses ‘code signatures’ of
known malware now if it does not get updated it will not be able to identify the newly
generated malware.[18] This will make the system infected and can create a grave
situation. To avoid such a scenario we should not delay in updating the anti-malware
software. Most of the service providers of the anti-virus software update their database
almost daily and that update is also reflected in the users' end by the update warning. This
update can be made possible whenever the user is online.
3. Scheduling the anti-malware scan – Going back and clicking on the scan tab daily we can
schedule the scan. By scheduling, we not only save time but we don’t miss a chance to
detect the new malware. [19] We can turn on the auto-update ON so that every time when
an update is available, it gets downloaded automatically.
4. Updated operating system – An outdated operating system is home to so many malwares.
Because every time a new operating system is released it is most of the time secure from
are broadly inspired by the aforementioned techniques and analyses.
1. Install an anti-malware software – This is the most important and the ultimate step we
need to consider to avoid future glitches. Every system, if it is not idle, is in one way or
another is connected to the World Wide Web, so there are chances that a system may
encounter any sort of malware.[17] Using protectionist measures such as firewall, anti-
malware, anti-ransomware provide some extra layers of security to the user. User can
install appropriate software from their official online store or can purchase from some
authentic sources. To name some, Norton. McAfee, AVG, Quick Heal etc. are some of
the most used protectionist software.
2. Update the anti-malware software - If ‘prevention is better than cure than that cure must
not be outdated’. As already mentioned, an antivirus software uses ‘code signatures’ of
known malware now if it does not get updated it will not be able to identify the newly
generated malware.[18] This will make the system infected and can create a grave
situation. To avoid such a scenario we should not delay in updating the anti-malware
software. Most of the service providers of the anti-virus software update their database
almost daily and that update is also reflected in the users' end by the update warning. This
update can be made possible whenever the user is online.
3. Scheduling the anti-malware scan – Going back and clicking on the scan tab daily we can
schedule the scan. By scheduling, we not only save time but we don’t miss a chance to
detect the new malware. [19] We can turn on the auto-update ON so that every time when
an update is available, it gets downloaded automatically.
4. Updated operating system – An outdated operating system is home to so many malwares.
Because every time a new operating system is released it is most of the time secure from
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
the malwares of great concerns. An updated operating system comes with an extra layer
of security apart from the added features. For example, after the announcement of
security updates for Windows XP, it is not advisable to use Windows XP for
confidentiality and security-related work.
5. Network Security – A secure network is must as most dangerous malware attacks takes
place via entering into the network connection. It is advisable to use an encrypted
password to secure the network and the password should of suitable length and including
special characters. [20]
6. Don’t click on suspected links - When we are online we have to be extra careful as any
link that we click on a site can redirect us to an undesired place. Where we are duped for
that to be legitimate and we proceed further and give an open invitation to the malwares.
7. Offline backup – Ransomware attacks have taught us to be prepared with an offline
backup if we are not willing to take chances for our important files. An offline backup
will require a storage space from our end but this way we can save our money which we
would give in terms of ransom.
8. Use of multiple passwords – Our social media accounts offers us two-way authentication
which provides a double layer of security to our data on the networking site. Using that
feature we can make sure that data is in safe hands and is not under threat.
9. Log out is a safe option - The purpose of having a strong password would be defeated if
we don't log out from the website after we are done using it. If you are using a public
computer then simply closing the tab is not enough, we should take care of log out and
should not save the login credentials for future use.
10. Say no to cold callers - Cold callers are the callers who are talking on behalf of a reputed
company but are not the actual callers from the company. They are basically spammers or
of security apart from the added features. For example, after the announcement of
security updates for Windows XP, it is not advisable to use Windows XP for
confidentiality and security-related work.
5. Network Security – A secure network is must as most dangerous malware attacks takes
place via entering into the network connection. It is advisable to use an encrypted
password to secure the network and the password should of suitable length and including
special characters. [20]
6. Don’t click on suspected links - When we are online we have to be extra careful as any
link that we click on a site can redirect us to an undesired place. Where we are duped for
that to be legitimate and we proceed further and give an open invitation to the malwares.
7. Offline backup – Ransomware attacks have taught us to be prepared with an offline
backup if we are not willing to take chances for our important files. An offline backup
will require a storage space from our end but this way we can save our money which we
would give in terms of ransom.
8. Use of multiple passwords – Our social media accounts offers us two-way authentication
which provides a double layer of security to our data on the networking site. Using that
feature we can make sure that data is in safe hands and is not under threat.
9. Log out is a safe option - The purpose of having a strong password would be defeated if
we don't log out from the website after we are done using it. If you are using a public
computer then simply closing the tab is not enough, we should take care of log out and
should not save the login credentials for future use.
10. Say no to cold callers - Cold callers are the callers who are talking on behalf of a reputed
company but are not the actual callers from the company. They are basically spammers or
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
scammers. Don't ever fulfill the wishes of these callers. They are not for your good but
for their greed. If someone still thinks there is an issue, the contact information of the
concerned company or organization is available online for the public. Do make a call and
clarify the things.
11. Awareness - Internet is vast. Internet and its scope are increasing day-by-day like our
universe. To be updated of current happenings in the digital world will make us and our
data secure and our privacy will not be in our hands only.
Conclusion
In this literature research, techniques of malware detection, analysis and prevention have been
discussed. The research prospects that malware is bad for computers' health. A system is under
threat if it is connected to a malicious environment. User's confidential information can be
utilized in illegally and without the prior consent of the user. This research paper talks about
various means of malware detection, malware analysis and how to prevent a system from the
possible hazards of malware attack. We have also understood that the attack of malware is
inevitable in this internet age but proper care and awareness can reduce the chances of such
attacks.
for their greed. If someone still thinks there is an issue, the contact information of the
concerned company or organization is available online for the public. Do make a call and
clarify the things.
11. Awareness - Internet is vast. Internet and its scope are increasing day-by-day like our
universe. To be updated of current happenings in the digital world will make us and our
data secure and our privacy will not be in our hands only.
Conclusion
In this literature research, techniques of malware detection, analysis and prevention have been
discussed. The research prospects that malware is bad for computers' health. A system is under
threat if it is connected to a malicious environment. User's confidential information can be
utilized in illegally and without the prior consent of the user. This research paper talks about
various means of malware detection, malware analysis and how to prevent a system from the
possible hazards of malware attack. We have also understood that the attack of malware is
inevitable in this internet age but proper care and awareness can reduce the chances of such
attacks.
References–
[1] Microsoft. (2019). Malware and Ransomware Protection in Office 365 [Online].
Available: https://docs.microsoft.com/en-us/office365/securitycompliance/office-365-
malware-and-ransomware-protection
[2] US-CERT.(2005). An Undirected Attack Against Critical Infrastructure[Online].
Available:https://ics-cert.us-cert.gov/sites/default/files/recommended_practices/
CaseStudy-002.pdf
[3] FTC. (2014). Malware [Online]. Available:https://www.consumer.ftc.gov/articles/0011-
malware
[4] US. Norton. (2016). What is a computer virus? [Online].
Available:https://us.norton.com/internetsecurity-malware-what-is-a-computer-virus.html
[5] BBC. (2010).What is an internet worm?[Online].
Available:http://www.bbc.co.uk/webwise/guides/internet-worms
[6] Webopedia.(2012). Trojan horse. [Online]. Available:
https://www.webopedia.com/TERM/T/Trojan_horse.html
[7] US.Norton.comSymantec Corporation. (2016). What is spyware? And how to remove it.
[Online]. Available: https://us.norton.com/search?q=What+is+spyware
%3F+And+how+to+remove+it.+
[8] Threatpost. (2016). Mimoso, Michael.PetyaRansomware Master File Table Encryption.
[Online]. Available:https://threatpost.com/?
s=Petya+Ransomware+Master+File+Table+Encryption
[9] Pham Van Hung. (2011).An approach to fast malware classification with machine
learning technique. [Online]. Available:https://www.sfc.wide.ad.jp/thesis/2011/files/kid-
publish-thesis.pdf
[10] A.A.,Elhadi, M.A. Maarofand, A.H.,Osman,“Malware detection based on hybrid
signature behaviour application programming interface call graph,” American Journal of
Applied Sciences, vol. 9, no. 3, p.283, 2012.
[11] N.Idika and A.P., Mathur,“’A survey of malware detection techniques,” Purdue
University, vol. 48, no. 2, pp. 12-14, 2007.
[1] Microsoft. (2019). Malware and Ransomware Protection in Office 365 [Online].
Available: https://docs.microsoft.com/en-us/office365/securitycompliance/office-365-
malware-and-ransomware-protection
[2] US-CERT.(2005). An Undirected Attack Against Critical Infrastructure[Online].
Available:https://ics-cert.us-cert.gov/sites/default/files/recommended_practices/
CaseStudy-002.pdf
[3] FTC. (2014). Malware [Online]. Available:https://www.consumer.ftc.gov/articles/0011-
malware
[4] US. Norton. (2016). What is a computer virus? [Online].
Available:https://us.norton.com/internetsecurity-malware-what-is-a-computer-virus.html
[5] BBC. (2010).What is an internet worm?[Online].
Available:http://www.bbc.co.uk/webwise/guides/internet-worms
[6] Webopedia.(2012). Trojan horse. [Online]. Available:
https://www.webopedia.com/TERM/T/Trojan_horse.html
[7] US.Norton.comSymantec Corporation. (2016). What is spyware? And how to remove it.
[Online]. Available: https://us.norton.com/search?q=What+is+spyware
%3F+And+how+to+remove+it.+
[8] Threatpost. (2016). Mimoso, Michael.PetyaRansomware Master File Table Encryption.
[Online]. Available:https://threatpost.com/?
s=Petya+Ransomware+Master+File+Table+Encryption
[9] Pham Van Hung. (2011).An approach to fast malware classification with machine
learning technique. [Online]. Available:https://www.sfc.wide.ad.jp/thesis/2011/files/kid-
publish-thesis.pdf
[10] A.A.,Elhadi, M.A. Maarofand, A.H.,Osman,“Malware detection based on hybrid
signature behaviour application programming interface call graph,” American Journal of
Applied Sciences, vol. 9, no. 3, p.283, 2012.
[11] N.Idika and A.P., Mathur,“’A survey of malware detection techniques,” Purdue
University, vol. 48, no. 2, pp. 12-14, 2007.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 13
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.