Monday, May 4, 2020

Honeypot For Arbitrary Malware Usb Storage â€Myassignmenthelp.Com

Question: Discuss About The Honeypot For Arbitrary Malware USB Storage? Answer: Introduction Malicious software can be defined as a kind of deliberate security risk or threat. The developer of such software has malicious intention. If a system is infected with a malicious code then the system will get damaged and lose all its data (Uscilowski, 2013). Malware has several capabilities that include but is not limited to denial of operations, exploitation of vulnerabilities as well as gaining access to other system in an unauthorized manner. This report gives a clear overview of the recent and advanced trends in malware. It discuses about different kinds of malware that are existing in the market at present. It also gives a clear idea about all the technologies that are relevant in this context. It also discusses about the problems and challenging factor in malware attacks. This report figures out the important issues and its impact on the society. It gives a clear explanation of the lessons that have been learnt from the entire discussion about recent malware trends. Malware and its Types Malware or malicious codes can be considered to be one of the most harmful and dangerous security threats in this era of ICT (Wang, Streff Raman, 2012). In malware attacks the malicious program is entered into a system for the purpose of gaining unauthorized or illegal access to valuable and sensitive information. The main motto of the malware developers is to earn money or harm the users intentionally. There are several types of malware as follows: Virus: Virus is an executable program that has the capability to run or execute on any system without any permission. The execution process is carried on secretly so that the system does not come to know about it (Zhou Jiang, 2012). Viruses are incapable of duplicating itself or creating its own copies. Worms: Worms are capable of creating their own copies or replicating unlike viruses (Gandotra, Bansal Sofat, 2014). The network plays a significant role in sending the copies of the worms to different systems or nodes present in the network. Worms are said to consume high network bandwidth and have a malignant nature. Trojan horse: An application that appears to be useful and legitimate but actually contains malicious programs hidden within it is called a Trojan horse. These kinds of applications pretend to scan systems for a spyware but in reality it has been seen that they are stealing sensitive data from the systems. Spyware: This kind of malware is known for spying on the system and the activities of the system. It is capable of collecting valuable data from system in a hidden way (Erturk, 2012). It has the capability to monitor the activities of the user. Adware: This software is responsible for playing and displaying various advertisements automatically. This kind of software is developed for producing revenue for the developer of the advertisement. Ransomware: This kind of malware is known for blocking the user from accessing valuable and necessary data. It encrypts the data of the user and makes the data available to the user in exchange for a ransom amount generally paid in Bitcoins (O'Gorman McDonald, 2012). Recent Trends in Malware The recent or current malware trends tell that malware threats and attacks are increasing with the growing use of ICT. Malware can be considered to be evasive in nature as it has the capability to harm any system in an aggressive manner. Vulnerabilities existing in the two factor authentication technique in mobile phones are being exploited by the malware. These kinds of attacks are becoming a major concern for the society. Malware has the capacity to leak data from cloud storage. It has been predicted that Monero ransomware will appear in the near future. Malware developers are showing interest in an approach called code signing approach. The aim of malware developers is to get valid certificate for entering the systems. The WannaCry ransomware attack is one of the most dangerous attacks that took place in the month of May, 2017 (Mohurle Patil, 2017). It had hit 100 countries across the world. Spain, Egypt, India, China and UK were also affected badly. 1000 systems in Russia had be en infected. WanaCryptor 2.0 or WannaCry is the name of the ransomware. The users were asked to pay 300 dollars Bitcoins in exchange for their data. This is the most recent malware attack that hit the world. Recent trends in malware include browser settings modification. In these types of malware attacks the browser settings of the user are changed. It has modified the browser settings of Safari, Opera, Internet Explorer and Google Chrome. They are also capable of changing proxy settings of users. Recently such malware is developed that has the capability to crack medium to weak passwords of a system. The family of malware has shown a great increase between 2012 and the year 2013. 69 per cent increase in the malware families have been observed within 2012-2013 (Uscilowski, 2013). The number of malware families that belonged to the android group was 121 in 2012 and it grew to 204 in 2013. Figure 1: Android Malware Trend (Source: Uscilowski, 2013, p. 10) The above figure clearly shows that the sample count has increased. Recent trends in malware have shown that they are generally entering the systems through several applications. Entertainment and games are considered to be the main entrance for malware. Malware attacks can harm the system by misusing and deleting the valuable data. The figure given below gives a clear idea of this fact. Figure 2: Top Ten Applications Category with highest percentage of Malware (Source: Uscilowski, 2013, p. 10) Challenges and Problems The user or human factor that is present in IT chain is known to be the weakest link. Human factor is considered to be one of the most challenging factors or issues in mobile security. As mentioned by Arabo and Pranggono (2013), a smart home is generally more prone to all types of malware attacks. Malware can attack and infect mobile phones, electronic devices and car navigation systems. There can be virus attacks in the home environment. Protection of healthcare devices like pacemaker has become one of the challenging issues in the present generation. Malware attacks in unprotected healthcare devices can transmit data and the settings of the devices can change that can lead to dangerous consequences. Malware attacks can reconfigure the device. During the online payment method an attacker can access financial data and use it for own advantage. Few malware attacks charges premium by sending messages. Another major challenge is Botnet. Several online resources can be changed into Botne ts by the attackers. Botnets send spam emails and host phishing sites. They are also responsible for DDoS attacks. Mobile devices are the main targets of Botnets. The malware attack rates are increasing because of the poor security features and vulnerabilities of the mobile devices. Relevant Technologies and its Applications in Malware USB or universal serial bus sticks are considered to play a significant role in the spread of malware across various devices (Poeplau Gassen, 2012). USB is capable of harming systems that do not form part of an unsecured network. USBs can be used by the user to transfer files from one device to another without being aware of the fact that the USB is affected with virus. Trusted devices should not be allowed to use USB for exchanging files and documents because an infected USB can modify and even delete the valuable data of the system. ICT and internet technology play a major role in the spread of malware attacks (Chen et al., 2012). Users can download malicious files from the internet and harm the system. Malware attacks can also take place via email over the internet. The growth of information and communication technologies has increased the chance of malware attacks in this present generation. Issues Discussed Most of the issues are regarding the mobile malware attacks that are taking place in the smart electronic devices. When a file downloaded from the internet then the cyber criminals can convert it into Botnet. Botnets have the capability to carry out DDoS attacks. They can even send spam mails to spread the malware (Arabo Pranggono, 2013). Phishing sites can also be hosted by Botnets. The malicious programs can execute in devices for misusing the sensitive as well as valuable information (Chandramohan Tan, 2012). There are several reasons why a mobile phone is attacked like its ubiquity and computational powers. It is easy to attack a mobile device as it operated on an open platform. ZeuS botnet is a well known banking malware that targets various types of mobile platforms namely iPhones, Blackberry and Symbian devices (Etaher, Weir Alazab, 2015). The financial sector considers this botnet to be the most malicious banking malware that can steal financial details as well as money of the users. Important Issues that are not addressed and its impact The literature reviews have not paid much attention to the ransomware attacks and it effects. These are a type of malware attacks where the malicious code blocks the user from accessing the data of the system. The attacker uses the malicious codes to encrypt the data of the system and agrees to decrypt the data in exchange for a ransom amount of Bitcoins. The attacker provides the decryption key after receiving the Bitcoins. Malicious websites can also be responsible for a ransomware attack. The impact of this attack is disruption of daily operations and damage of sensitive data. It has the ability to harm the organizations reputation as well. The victims of the attack will face monetary or financial loss because they will have to pay huge amount for recovering the system. Important Lessons Incorporation of advanced and strong security architecture in the system is required for preventing it from malware attacks. The operating system should be updated on a regular basis and users should only download reliable applications from official sites for protecting the system against malware attacks. Latest versions of Anti-Virus software must be installed in the system from preventing and detecting any virus attack (Hsu et al., 2012). Personal firewalls can be implemented that can prevent any illegal external intrusion. Trusted applications must only be used. Security solution can be high level only by following and using multi level technique or approach. Conclusion This report concluded malware threats or risks are becoming a major concern in this world of technology. Malware developers are bypassing detection by inventing advanced techniques. Malware attack incidents are growing by huge margin. This report explained about worms, viruses, ransomware and Trojan horses. It said that viruses do not have the capability to replicate on its own while worms have the capability to replicate. It said that the relevant technologies that are needed to spread malware attacks are USB and internet technology. This report showed that recent trends in malware are to change the browser settings and crack weak passwords. This report also gave an overview about the WannaCry ransomware attack that hit the world in May, 2017. The main issues related to malware attacks are found to be the vulnerabilities in the mobile electronic devices. This report also said that certain techniques can be applied to prevent malware attacks like implementing firewall, installing Ant i-Virus software and downloading trusted applications from official sites. This report concluded that incorporation of advanced and strong security architecture in the system is required for preventing it from malware attacks. References Arabo, A., Pranggono, B. (2013, May). Mobile malware and smart device security: Trends, challenges and solutions. InControl Systems and Computer Science (CSCS), 2013 19th International Conference on(pp. 526-531). IEEE. Chandramohan, M., Tan, H. B. K. (2012). Detection of mobile malware in the wild.Computer,45(9), 65-71. Chen, Z., Roussopoulos, M., Liang, Z., Zhang, Y., Chen, Z., Delis, A. (2012). Malware characteristics and threats on the internet ecosystem.Journal of Systems and Software,85(7), 1650-1672. Erturk, E. (2012, June). A case study in open source software security and privacy: Android adware. InInternet Security (WorldCIS), 2012 World Congress on(pp. 189-191). IEEE. Etaher, N., Weir, G. R., Alazab, M. (2015, August). From zeus to zitmo: Trends in banking malware. InTrustcom/BigDataSE/ISPA, 2015 IEEE(Vol. 1, pp. 1386-1391). IEEE. Gandotra, E., Bansal, D., Sofat, S. (2014). Malware analysis and classification: A survey.Journal of Information Security,5(02), 56. Hsu, F. H., Wu, M. H., Tso, C. K., Hsu, C. H., Chen, C. W. (2012). Antivirus software shield against antivirus terminators.IEEE Transactions on Information Forensics and Security,7(5), 1439-1447. Mercaldo, F., Nardone, V., Santone, A., Visaggio, C. A. (2016, June). Ransomware steals your phone. formal methods rescue it. InInternational Conference on Formal Techniques for Distributed Objects, Components, and Systems(pp. 212-221). Springer, Cham. Mohurle, S., Patil, M. (2017). A brief study of Wannacry Threat: Ransomware Attack 2017.International Journal,8(5). O'Gorman, G., McDonald, G. (2012).Ransomware: A growing menace. Symantec Corporation. Poeplau, S., Gassen, J. (2012, October). A honeypot for arbitrary malware on USB storage devices. InRisk and Security of Internet and Systems (CRiSIS), 2012 7th International Conference on(pp. 1-8). IEEE. Uscilowski, B. (2013). Mobile adware and malware analysis.Symantec Corp,1. Wang, Y., Streff, K., Raman, S. (2012). Smartphone security challenges.Computer,45(12), 52-58. Zhou, Y., Jiang, X. (2012, May). Dissecting android malware: Characterization and evolution. InSecurity and Privacy (SP), 2012 IEEE Symposium on(pp. 95-109). IEEE.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.