Information security concepts and techniques
The aim of this report is to explain recent studies on malware evolution and to identify some of its recent technologies and developments. WannaCry and Nyetya are examples of recently developed malware, and the areas in which malware has evolved include infection speed, purpose and countermeasures. The report also aims to identify gaps in the current literature: for instance, issues related to the protection of computer systems against malware and the effects of malware on recent IT technologies such as IoT have not been addressed adequately. Moreover, the protection of computer systems against recent technologies will form a basis for future directions on malware. In addition, this report describes some of the challenges that I encountered while carrying out the research, for example, difficulty in finding recent information sources and problems related to data and text mining. This report is important because it helps researchers to understand future directions of malware and enables information security personnel of different companies to understand malware evolution and, afterwards, to develop strategies for protecting their computer systems.
Information security deals with the protection of data and information against attacks. Cases of data breaches have increased greatly because of several factors, for example, recent technological advancements such as the Internet of Things (IoT) and the availability of hacking tools (Chen, 2017). It has therefore become difficult to enhance data security effectively, as data threats such as malware and phishing are dynamic rather than static. This research focuses on malware, which is defined as any software that is intended to affect the operations of computer systems or networks such as LAN, WAN and MAN by causing harm and damage. It includes trojan horses, viruses, worms, adware, bots and spyware (Wang, Stokes, Herley & Felstead, 2013). Malware can spread itself and remain undetectable, which forms the basis for differentiating it from other programs. Its impacts are significant; for instance, it can affect the overall performance of a network as well as of computer systems (Bazrafshan, Hashemi, Fard & Hamzeh, 2013). The aim of this research is to explain some of the recent studies on malware evolution. It also focuses on identifying gaps in the literature and its future directions.
Recent studies have shown that malware has evolved greatly; for instance, the first worms were transferred on diskettes. According to Wade (2011), cloud-based applications have made it nearly impossible to protect systems against malware. Wade further argues that changing the ways in which networks and computers are protected can help data security. The way in which infected hosts are controlled is one of the developments in malware. For instance, infected hosts can be controlled centrally, which eases the operations of a remote attacker. Also, malware code can be rewritten or modified to perform different tasks rather than being confined to its initial goal (Wade, 2011).
According to the cybersecurity report that was released by Cisco this year, malware evolution is a major threat as far as data security is concerned (Annabelle, 2018). The incorporation of online payment technologies, for example, PayPal and Skrill, into most companies has attracted hackers to develop sophisticated malware for stealing money. For instance, WannaCry emerged in 2017 and infected computers that were connected to the internet, which enabled attackers to gain not less than 143,000 U.S. dollars via bitcoin payments. This attack succeeded because of vulnerabilities that existed in the Microsoft Windows operating system (Annabelle, 2018). Apart from the WannaCry attack, research has also revealed that Nyetya affected a tax package that was used by not less than 80% of Ukraine companies in June 2017. Moreover, the technologies used to spread malware over the internet have also changed drastically. For instance, email and downloads were some of the ways that were used to distribute malware, and human interaction was also required for infecting computers. However, human interaction is no longer a necessity for infecting computers (Annabelle, 2018).
Understanding malware and its impact on computer systems
Moreover, the technologies used to detect malware have also changed greatly. For instance, signature-based technologies were used to detect the first malware (Ki, Kim & Kim, 2015). Several studies have revealed the following weaknesses of signature-based technologies: increased maintenance costs due to regular updates, and difficulty in detecting malware that has been developed in a different form. Because of malware sophistication, these weaknesses created the need to adopt non-signature detection technologies to enhance data security (Ki, Kim & Kim, 2015). This newer technique integrates code normalization, which has made it possible to detect different forms of malware. However, detecting obfuscated malware is still a challenge. Obfuscation means deliberately making code more confusing so that it cannot be understood easily by other programmers or developers (You & Yim, 2010). Malware obfuscation techniques include dead-code insertion, register reassignment and instruction substitution. Dead-code insertion adds ineffective instructions, altering the program's appearance without modifying its behavior. Similarly, register reassignment maintains the program's behavior. Instruction substitution, on the other hand, involves replacing the original code. Other obfuscation techniques include code integration and transposition. However, obfuscated malware can now be detected by using dynamic analysis techniques such as API call analysis (You & Yim, 2010).
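The effect described above, as an added example (not code from the cited papers): a hash signature over a toy instruction listing misses the dead-code and register-reassignment variants, a simple normalization pass recovers both, and instruction substitution still gets past it. The listings, the register set and all function names are constructed for illustration.

```python
import hashlib
import re

# Constructed toy listings (not real malware): one routine, three obfuscated
# variants of it, and an unrelated benign routine.
ORIGINAL = ["mov eax, 5", "add eax, ebx", "push eax", "call send_data"]
DEAD_CODE = ["mov eax, 5", "nop", "add eax, ebx", "xchg ecx, ecx",
             "push eax", "call send_data"]
REG_SWAP = ["mov edx, 5", "add edx, esi", "push edx", "call send_data"]
SUBSTITUTED = ["push 5", "pop eax", "add eax, ebx", "push eax",
               "call send_data"]
BENIGN = ["mov eax, 5", "sub eax, ebx", "push eax", "call print_msg"]

GP_REGISTER = re.compile(r"\b(e[abcd]x|e[sd]i)\b")

def is_dead(instr):
    """True for instructions with no effect: nop, or mov/xchg of a register with itself."""
    parts = re.split(r"[\s,]+", instr.strip().lower())
    if parts == ["nop"]:
        return True
    return len(parts) == 3 and parts[0] in ("mov", "xchg") and parts[1] == parts[2]

def normalize(listing):
    """Drop dead instructions and rename registers in order of first use."""
    names = {}
    def canon(match):
        return names.setdefault(match.group(0), f"r{len(names)}")
    return [GP_REGISTER.sub(canon, " ".join(i.lower().split()))
            for i in listing if not is_dead(i)]

def signature(listing):
    return hashlib.sha256("\n".join(listing).encode()).hexdigest()

def detect(sample, known, normalized):
    """Compare a sample to a known-bad listing, raw or after normalization."""
    if normalized:
        sample, known = normalize(sample), normalize(known)
    return signature(sample) == signature(known)

if __name__ == "__main__":
    variants = {"original": ORIGINAL, "dead-code": DEAD_CODE,
                "register swap": REG_SWAP, "substitution": SUBSTITUTED,
                "benign": BENIGN}
    for name, listing in variants.items():
        print(f"{name:14} raw={detect(listing, ORIGINAL, False)!s:5} "
              f"normalized={detect(listing, ORIGINAL, True)}")
```

The substitution variant is missed even after normalization, which is why behavior-based approaches such as API call analysis are used alongside syntactic ones.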
Besides technological advancements in malware, other developments include threat purpose, speed and countermeasures (Witten & Nachenberg, 2007). Regarding malware purpose, recent attacks have aimed at accessing sensitive information, ranging from the individual to the organizational level, owing to the increase in the number of computers infected by spyware, according to research conducted by NCSA. Research has also revealed that malware takes less time to infect computers (Witten & Nachenberg, 2007). For instance, the Code-Red worm infected not less than 360,000 computers in approximately 14 hours. Also, it took less than 10 minutes for an SQL-based worm to infect 90% of the servers that were susceptible to attack. Research has also revealed that previously it took more than 250 days between the announcement of a security vulnerability and the appearance of malware. As for countermeasures, virus throttling was used for mitigating risks. Other measures include static analysis and WebRoot for mitigating rootkits and spyware respectively (Witten & Nachenberg, 2007).
I encountered some challenges while carrying out the research. For instance, finding recent information sources was one of the major challenges since malware is dynamic rather than static, so the latest information was a necessity for conducting this research. I also encountered issues related to data and text mining, which is associated with sorting large volumes of data to extract useful information (Wu, Zhu, Wu & Ding, 2014). For instance, reading through different books to identify patterns and establish relationships was tiresome.
In the current literature, I believe that areas related to how different malware, for example WannaCry and Nyetya, infects computers have been addressed adequately (Annabelle, 2018). The evolution of malware has also been addressed. For instance, several studies have revealed that new tools and techniques are used by hackers to damage computer systems, complicating the entire process of enhancing data security. However, I believe that issues related to security have not been addressed adequately. For instance, techniques that can be used to protect computer systems against malware have not been addressed fully. In my view, data security is the most critical aspect that has been left out, as it can result in data breaches. Also, data can be corrupted, resulting in confidentiality issues (Chang & Ramachandran, 2016). Still on data security, few anti-malware strategies have been taken into consideration. Besides, the effects of malware on recent IT technologies such as IoT, cloud computing and Android applications have not been addressed explicitly, as the current literature has focused mostly on machine learning. In my view, the impact of malware on IT technologies is equally important, as most companies have migrated to interactive-based applications rather than standalone ones (Milosevic, Sklavos & Koutsikou, 2016).
Recent studies on malware evolution and its technological advancements
Identified literature gaps include issues related to data security and the effects of malware on recent IT technologies. Therefore, future research will focus on IT technologies such as IoT; for instance, research conducted in 2016 reveals that more than 70% of people across the world are using Android devices (Milosevic, Sklavos & Koutsikou, 2016). Therefore, it can be concluded that the number of people using IoT devices will increase greatly in the future. Apart from IoT, many organizations have incorporated cloud computing into their operations, enabling employers to access data easily (Sun, Wang, Buyya & Su, 2017). Therefore, to protect data against malware, future literature will focus on how detection technologies may be improved. IT technologies and security cannot be separated; therefore, future literature is expected to address data protection techniques, since current solutions may not prevent attackers from accessing critical information in the near future.
Conclusion
In conclusion, malware has evolved drastically. The areas in which it has evolved include infection speed, purpose and countermeasures. It can also be concluded that data security and the effects of malware on recent technologies are some of the gaps identified in the current literature. Therefore, future directions on malware include the impacts of malware on recent technologies. These conclusions matter today; for instance, they are relevant to the IT security personnel of different organizations, who can understand recent malware technologies and then develop strategies to mitigate risks, thereby keeping operations running smoothly. They can also help researchers predict future directions of malware. Thus, this research is important to the overall security of computer systems.
References
Annabelle, G. (2018). Evolution of Malware. Retrieved from
Bazrafshan, Z., Hashemi, H., Fard, S. M. H., & Hamzeh, A. (2013, May). A survey on heuristic malware detection techniques. In Information and Knowledge Technology (IKT), 2013 5th Conference on (pp. 113-120). IEEE. Retrieved from https://ieeexplore.ieee.org/abstract/document/6620049/
Chang, V., & Ramachandran, M. (2016). Towards achieving data security with the cloud computing adoption framework. IEEE Trans. Services Computing, 9(1), 138-151. Retrieved from https://ieeexplore.ieee.org/document/7299312/
Chen, E. T. (2017). The Internet of Things: Opportunities, Issues, and Challenges. In The Internet of Things in the Modern Business Environment (pp. 167-187). IGI Global. Retrieved from https://www.igi-global.com/chapter/the-internet-of-things/180740
Ki, Y., Kim, E., & Kim, H. K. (2015). A novel approach to detect malware based on API call sequence analysis. International Journal of Distributed Sensor Networks, 11(6), 659101. Retrieved from https://journals.sagepub.com/doi/abs/10.1155/2015/659101
Milosevic, J., Sklavos, N., & Koutsikou, K. (2016). Malware in IoT Software and Hardware. Retrieved from https://www.researchgate.net/publication/317011595_Malware_in_IoT_Software_and_Hardware
Sun, H., Wang, X., Buyya, R., & Su, J. (2017). CloudEyes: Cloud-based malware detection with reversible sketch for resource-constrained internet of things (IoT) devices. Software: Practice and Experience, 47(3), 421-441. Retrieved from https://jarrett.cis.unimelb.edu.au/papers/CloudEyes2016.pdf
Wade, W. (2011). The Evolution of Malware. Retrieved from https://www.securityweek.com/evolution-malware
Wang, G., Stokes, J. W., Herley, C., & Felstead, D. (2013, June). Detecting malicious landing pages in malware distribution networks. In Dependable Systems and Networks (DSN), 2013 43rd Annual IEEE/IFIP International Conference on (pp. 1-11). IEEE. Retrieved from https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/dsn2013.pdf
Witten, B., & Nachenberg, C. (2007). Malware evolution: A snapshot of threats and countermeasures in 2005. In Malware Detection (pp. 3-15). Springer, Boston, MA. Retrieved from https://link.springer.com/chapter/10.1007/978-0-387-44599-1_1
Wu, X., Zhu, X., Wu, G. Q., & Ding, W. (2014). Data mining with big data. IEEE Transactions on Knowledge and Data Engineering, 26(1), 97-107. Retrieved from https://ieeexplore.ieee.org/document/6547630/
You, I., & Yim, K. (2010, November). Malware obfuscation techniques: A brief survey. In Broadband, Wireless Computing, Communication and Applications (BWCCA), 2010 International Conference on (pp. 297-300). IEEE. Retrieved from https://www.computer.org/csdl/proceedings/bwcca/2010/4236/00/4236a297-abs.html