DoS Attack Response Plan and Malware Code Disguising Techniques
Added on 2023/06/14
Report
AI Summary
This report addresses the critical importance of having a Denial of Service (DoS) attack response plan in place for organizations. It highlights the vulnerabilities associated with DoS attacks, emphasizing their potential impact on financial data, IT infrastructure, and overall business continuity. The report also explores techniques used by malware developers to disguise their code, including the use of packers, crypters, and polymorphic malware. These methods aim to prevent analysis and detection of malicious code by compressing, encrypting, or altering the malware's appearance. The document concludes by referencing key sources in the field of incident response and malware analysis.

Running head: BUSINESS CONTINUITY AND DISASTER RECOVERY
Business Continuity Planning and Disaster Recovery Planning
Name of the Student
Course Number
Date of Submission
Author’s Note:
Table of Contents
Question 1
Question 2
References
Question 1
Why is it critical for an organization to have a DoS attack response plan well before it happens?
Answer: A Denial of Service (DoS) attack is a type of cyber attack in which the perpetrator tries to make a particular machine or network resource unavailable to its authorized users by disrupting the services of a host connected to the Internet (Whitman, Mattord & Green, 2014). These attacks are extremely damaging for any organization because they target the availability of network resources. DNS servers, web servers, application servers and email servers are the main targets of this type of cyber attack.
Organizations that deal with information technology should have a response plan for a Denial of Service attack before one occurs within their systems. Financial data, information technology related data and any other confidential data within the organization should be shielded before any vulnerability arises (Wang, Xu & Gu, 2015). IT security issues comprise various significant business risks, which places them within the realm of business continuity planning and disaster recovery planning. Security is the most important factor in this type of scenario. Denial of Service attacks usually have a negative impact on the financial, regulatory and legal standing and the brand reputation of the organization. Hence, these organizations should incorporate such response plans within their systems. However, no response plan is available that provides complete security to the information systems of the organization (Whitman, Mattord & Green, 2014). With a response plan, they would have the ability to successfully detect, prevent, classify, manage and finally mitigate Denial of Service attacks and thus, the
organization would be able to continue with its business continuity and disaster recovery
planning.
Question 2
Please discuss the techniques used by malware developers to disguise their code and prevent it from being analyzed.
Answer: There are three distinct and important techniques that malware developers use to disguise their code and thus prevent it from being analyzed. They are as follows:
i) Packers: The first and most popular technique used by malware developers is the packer. It is a program that compresses the code into a smaller form. It wraps the entire compressed executable within its own code, which can decompress itself at runtime whenever required (Bazrafshan et al., 2013). This compression alters the look of the executable file. Thus, signature-based detection cannot recognize the code, and the malware developer succeeds in hiding it.
ii) Crypter: This is the second technique used by malware developers to hide their code. It is similar to a packer; the only difference is that it adds extra encryption or obfuscation to the code. The main goal of this technique is to alter the binary fingerprint so that it is not caught (Whitman, Mattord & Green, 2014). The crypter encrypts the code with an encryption algorithm and a unique key. Next, it creates a stub that decrypts the real embedded payload and runs it.
iii) Polymorphic Malware: This is the third technique used by malware developers to hide their code. It is a type of malware that uses both packing and crypting methods to change the way it looks (Mathur & Hiranwal, 2013). Polymorphic malware uses more complicated algorithms to hide its code.
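The effect described above, seen from the analyst's side, as an added example that is not part of the original report: a byte signature stops matching once the content is compressed, while a windowed Shannon-entropy scan still locates the packed region so it can be unpacked and rescanned. zlib stands in for a packer, and the signature, stub bytes, sample text, window size and 7.0 bits/byte threshold are all constructed assumptions.

```python
import math
import random
import zlib
from collections import Counter

# Everything below is constructed sample data, not real malware.
SIGNATURE = b"EXAMPLE-SIGNATURE-0001"      # hypothetical scanner byte pattern
STUB = b"STUB" * 256                       # placeholder for the unpacking stub (1024 bytes)
WORDS = ["push", "pop", "mov", "call", "ret", "jmp", "cmp", "xor",
         "add", "sub", "lea", "test", "nop", "inc", "dec", "and"]
_rng = random.Random(1234)                 # fixed seed: reproducible sample
_body = " ".join(_rng.choice(WORDS) for _ in range(20000)).encode()
PLAIN = _body[:5000] + SIGNATURE + _body[5000:]
PACKED_FILE = STUB + zlib.compress(PLAIN)  # zlib stands in for a packer


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte, from 0.0 to 8.0."""
    total = len(data)
    if total == 0:
        return 0.0
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def signature_scan(data: bytes) -> bool:
    """Naive signature-based detection: exact byte-pattern match."""
    return SIGNATURE in data


def high_entropy_regions(data: bytes, window: int = 1024, threshold: float = 7.0):
    """Return (offset, entropy) for each full window at or above the threshold.

    A trailing partial window is skipped: a short sample cannot reach high
    entropy, so scoring it would only add noise.
    """
    hits = []
    for off in range(0, len(data) - window + 1, window):
        h = shannon_entropy(data[off:off + window])
        if h >= threshold:
            hits.append((off, round(h, 2)))
    return hits


if __name__ == "__main__":
    print("signature in original:", signature_scan(PLAIN))
    print("signature in packed file:", signature_scan(PACKED_FILE))
    print("high-entropy windows:", high_entropy_regions(PACKED_FILE)[:3])
    unpacked = zlib.decompress(PACKED_FILE[len(STUB):])
    print("signature after unpacking:", signature_scan(unpacked))
```

Encrypted payloads produced by a crypter also score near 8 bits per byte, so the same window scan flags them; high entropy alone is only a triage signal, since legitimate compressed archives and media look the same.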
References
Whitman, M. E., Mattord, H. J., & Green, A. (2014). Principles of incident response and
disaster recovery. Cengage Learning.
Bazrafshan, Z., Hashemi, H., Fard, S. M. H., & Hamzeh, A. (2013, May). A survey on
heuristic malware detection techniques. In Information and Knowledge Technology
(IKT), 2013 5th Conference on (pp. 113-120). IEEE.
Mathur, K., & Hiranwal, S. (2013). A survey on techniques in detection and analyzing
malware executables. International Journal of Advanced Research in Computer
Science and Software Engineering, 3(4).
Wang, H., Xu, L., & Gu, G. (2015, June). Floodguard: A dos attack prevention extension in
software-defined networks. In Dependable Systems and Networks (DSN), 2015 45th
Annual IEEE/IFIP International Conference on (pp. 239-250). IEEE.