What is Malware?
Malicious software (malware) is software built to steal from the user. It targets the user's documents and private data, and it enters the system through the network. It works covertly to cause major damage in the system. Spyware is one type of malware: it tracks the user's location, movements, and private data without their knowledge, and sends irrelevant messages to the compromised system to learn the extent of the damage. Adware is another type of malware: it shows the user irrelevant advertisements, shares unwanted documents, and behaves like ordinary software. Computer viruses and worms play a major role in damaging users' computers. Protections against malware include firewalls, and there is also a wide range of anti-virus software to prevent malware attacks.
Types of malware
1. Viruses
2. Worms
3. Trojans
4. Rootkits
5. RAT
6. Botnets
7. Spyware
8. Trapdoor
9. Logic bomb
10. Mobile malicious code
11. Malicious font
12. Polymorphic malware
Viruses
A virus is a way of stealing user data. It attaches to pen drives and CDs, and when the user plugs in the pen drive the virus affects the protected data. It may also be present on newly visited sites or in documents downloaded from the internet, so systems are damaged by this kind of attack. In system software, viruses are also known as hidden code. A virus can penetrate a system directly: it has the chance to enter the computer during operations such as copying other programs or starting the system, through new downloads or mail from the internet, and through CDs and pen drives. The virus then enters in the background and activates inside a document. When the user opens the document, the hidden code is removed from the entire document.
Polymorphic malware
Polymorphic malware is a type of malware that automatically changes its original characteristics. It is recognized by malware security devices. Using polymorphism, data is easily affected and also stolen by an attacker.
Logic bombs
A logic bomb is a piece of programming code. It is malware that delays its execution and then affects the data. Logic bombs are used to disrupt program execution and the available data.
Worms
A worm is malicious software similar to a virus. It works by copying files from a source document, and it easily penetrates a computer in this way when the system is busy or running slowly. It is used to create duplicates across systems and it endangers the system. A worm does not attach itself to a program, and it has no need to change a document. It can run without the user's involvement.
Trojans
A Trojan presents itself as software in order to trap the user; users are caught by the Trojan horse. It does not generate duplicates of itself. It is related to viruses, but it may trigger on the hard disk, and it is one of the categories of malware. It penetrates the system and the path of the program code.
Rootkits
Rootkits enter an organization across different operating systems such as Windows and Linux. There are three types: kernel rootkits, library rootkits, and application rootkits. A rootkit is used to provide root-level entry to the system while posing as a program. It is concerned with antivirus software and the movement of programs. It reaches system information directly, without authentication by the computer. Rootkits are avoided only when permission must be obtained from the system. A rootkit is also known as masking software, but the harmful software is not held by the rootkit itself.
RAT
RAT stands for Remote Admin Trojan. It gets into the system through CDs or pen drives. These Trojans give remote control over a system, steal information, and capture passwords. Such tools were created for genuine use and allow only specific applications, but hackers change their effect on the system. Even so, hackers do not list the activity carried out through Trojans.
Botnets
Botnet is short for robot network: the networked machines are driven by command and control servers. This kind of malware has different types of function and adapts to every system. It diminishes traffic through the compromised computers and also uses unneeded servers.
Spyware
Spyware is software in the form of a program. Its main goal is to gather statistics about a person without the user's awareness. It is used to evaluate the compromised system and pass the information to the hacker. It acts as malware. When information passes over the internet it crosses this spyware, which collects details about the information in transit and can easily steal it. Spyware is a damaging threat that takes information from the computer. It can easily infiltrate systems, and it is installed by way of new drives or other resources.
Trapdoor
A trapdoor is a type of malware. It is used to access the user's details without the user's consent and without knowing the password.
Mobile malicious code
Mobile malicious code looks like a web document and executes in the web browser. It gets details about what the web page needs, and it also acts like a remote device. This is also a category of malware.
Malicious font
for safety working, the method of font as malicious as Web pages narrated.
Basic malware analysis
In this malware analysis, the scenario is based on an email that had an attachment, and the task is to check whether the attached file is malicious. The person opened the file immediately and learned that it was infected, which means the files were damaged by malicious software. The malicious files are analyzed through the following steps.
Task analysis
In a social engineering attack, an attacker uses human interaction to obtain or compromise information about an organization or its computer systems. Recognizing the targeted malicious content is difficult even for antivirus, IDS, IPS, and custom malware detection tools. Attackers leverage social engineering along with one or more zero-day vulnerabilities for APT deployment. Social engineering draws on many resources, such as deception, manipulation, and also limitation. These resources exploit the human element, that is, the users of the information under attack.
An attacker provides some information and gathers the required information from a source. The attacker first contacts one source and then, because all the sources are in the same organization, relies on the information from the first source to add to his or her credibility. Social engineering uses different types of attack methods, such as baiting, scareware, pretexting, phishing, and spear phishing.
Baiting
A baiting attack uses a false promise to pique a victim's greed or curiosity. Users are lured into a trap that steals their important details, information, and data, or infects their systems with malware. Baiting with physical media is an example designed to spread malware.
Scareware
Scareware is a form of malware created to trick victims into buying and downloading worthless and possibly dangerous programs. It generates pop-ups that resemble Windows system messages, and it usually purports to be antivirus or antispyware software, a firewall application, or a registry cleaner.
Pretexting
Pretexting is one of the best-known social engineering methods. In pretexting, an invented scenario is created for the purpose of gaining access to personal details, typically sensitive details from an unsuspecting individual.
Phishing
Phishing is an attempt to obtain sensitive information such as usernames, passwords, and credit card information, often for malicious ends, by posing as a trustworthy party in an electronic communication. Social engineering has several forms, and phishing is one of the best known: phishing scams are email and text message campaigns aimed at creating a sense of urgency, curiosity, or fear in victims.
Spear phishing
Spear phishing is an email or electronic communication scam targeted at a specific individual, organization, or business. Although it is often intended to steal data for malicious purposes, the cybercriminal may also intend to run malware on a targeted victim's computer.
Yes: after this file was opened the system was infected, and the proof is the notification displayed by the anti-virus on the system saying that a virus had been introduced. After opening the file we can get details about the email attachment. The email is malicious or infected, and together with the original document it affects the entire system. We want to avoid this situation by using antivirus software or another prevention method. Scanning is one such prevention method; with it we can get a clean document without any conflicts, and we can also see what is really in the mail document.
Step 1
The first step is to back up, and be able to restore, the important files available on your system.
Step 2
The next step is to disconnect from the internet. Once the connection is dropped, websites and download pages stop working for a while.
Step 3
The third step is to use safety measures. In this step we can easily boot the system. Anti-virus is the best example for step 3, because antivirus is used for scanning for viruses and also for retrieving deleted content.
Step 4
In step 4 you may need to use another computer's internet access by way of a local area network connection. The LAN connection is used to solve the malware problem and to find out about the malware. In this step we can safely download our document from the internet.
Step 5
Step 5 is the malware analysis itself. In this step we analyze the malware and find the solution for the corresponding malware. It provides the basis for removing the virus in a proper manner.
Step 6
Scan the files that were downloaded from the internet, and scan them multiple times. Use several tools for scanning and for removing the infection from the affected files.
Step 7
The next step is disk maintenance. To keep the disk clean, we need to format the disk multiple times and also remove junk files and unwanted data. This does not modify the original content, and it also cleans the temporary files used by the related software.
Step 8
Step 8 performs the restoration process. It removes the system and then restores the points; finally, these points are used against the malware for deleting the junk files.
Security defects
Malware normally exploits defects in resources such as the operating system and applications. Newly updated software and operating systems are also affected. It delivers its data in executable form when the process execution comes to an end.
User error
The system has an operating system and also some disks, such as floppy disks, and these can change what happens when the operating system boots. An error occurs when the operating system is installed without booting, and it finally shows up as errors at runtime. Sometimes users make a mistake in running the software even when the concepts are easily understood. The code also generates errors.
Usage of similar operating system
Malicious software supports different types of operating system. Basically, malware is platform independent. But it does not support the prevention method to the software.
The files look the same, but they had different names. In the initial stage the file was infected with malware, and it affects documents over a particular time. Some of the issues relate to the RTF document and are described by the proper software. Using the RTF dump we can observe the actions of the RTF file. The affected files start with the header and also contain classes and objects. Static analysis is used to analyze the malware and to gauge its capability by providing indicators, and it is one of the key techniques.
During the analysis, the virtual system hung while opening the RTF document in VMware. Dynamic analysis focuses on running the malware and observing its behavior. The analyst observes its functions and analyzes the technical indicators used in signature detection, such as domain names, IP addresses, and file locations. From these we can analyze the attacker who controls access to the server used for command and control.
Dynamic analysis is also performed with sandboxes, malware engines, and various tools. Hashing is used to search for information about a sample; the hashing algorithms used for this search include MD5 and the SHA algorithms.
This information also includes header fields, strings, and indicators that are used to analyze the infection and to scan for signatures. Dynamic analysis is a part of malware analysis and provides indicators for malware detection. It protects the platform used for the analysis of malware. The analyst needs to monitor system processes, and file activity is analyzed as well. To learn the behavior of the malware on the file system, use dynamic analysis together with some additional techniques.
In this analysis the RTF document is used to describe the vulnerability, and a set of rules is provided. These are known as Python rules and are used to analyze the effects on the system or the related file. Several labs are used for this RTF file. Many objects are listed here, containing more data, and this is used to filter the packets. Within each RTF file the items are numbered for identification, in decimal or hexadecimal, and these numbers are used in the malware analysis.
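A minimal Python sketch of the static checks described above for an RTF attachment: file hashes, the header check, and numbered embedded objects decoded from hexadecimal. It is an added example, not code from the original page or from the RTF dump tool; the sample document and all function names are constructed for illustration.

```python
"""Static triage of an RTF attachment: hashes, header check, embedded objects."""
import binascii
import hashlib
import re

OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")   # Compound File (OLE2) signature
CONTROL_WORD = re.compile(rb"\\[a-zA-Z]+-?\d* ?")
NON_HEX = re.compile(rb"[^0-9a-fA-F]")
MARKER = b"\\objdata"


def file_hashes(data):
    """MD5 and SHA-256 of the whole file, for lookups against known samples."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def has_rtf_header(data):
    """True when the file really starts with the RTF header, whatever its name."""
    return data.lstrip().startswith(b"{\\rtf")


def extract_objdata(data):
    """Decode the hex payload of every \\objdata group without executing anything.

    Simplification: only text at the top level of the group is decoded; nested
    groups are skipped, and whitespace or control words between digits are dropped.
    """
    objects = []
    pos = data.find(MARKER)
    while pos != -1:
        i = pos + len(MARKER)
        depth = 0
        top_level = bytearray()
        while i < len(data):
            ch = data[i]
            if ch == 0x7B:                # "{" opens a nested group
                depth += 1
            elif ch == 0x7D:              # "}" closes a group
                if depth == 0:
                    break                 # end of the \objdata group itself
                depth -= 1
            elif depth == 0:
                top_level.append(ch)
            i += 1
        hex_text = NON_HEX.sub(b"", CONTROL_WORD.sub(b"", bytes(top_level)))
        hex_text = hex_text[: len(hex_text) - len(hex_text) % 2]   # drop odd nibble
        objects.append(binascii.unhexlify(hex_text))
        pos = data.find(MARKER, i)
    return objects


def triage(name, data):
    """Build the static report: file identity plus one numbered entry per object."""
    report = {"name": name, "size": len(data), "rtf_header": has_rtf_header(data)}
    report.update(file_hashes(data))
    report["objects"] = [
        {
            "index": n,
            "size": len(obj),
            "sha256": hashlib.sha256(obj).hexdigest(),
            "ole2": OLE2_MAGIC in obj,    # embedded OLE2 container present
        }
        for n, obj in enumerate(extract_objdata(data))
    ]
    return report


# Constructed sample: a tiny RTF body with one embedded object whose hex data is
# split by whitespace and a nested group. It is not taken from a real document.
SAMPLE = (
    b"{\\rtf1\\ansi Invoice attached.\n"
    b"{\\object\\objemb{\\*\\objclass Package}{\\*\\objdata 01050000\n"
    b"d0cf11e0 a1b11ae1\r\n{\\*\\ignored abc}0000}}\n"
    b"}"
)

if __name__ == "__main__":
    result = triage("invoice.rtf", SAMPLE)
    print(result["name"], result["md5"], "rtf" if result["rtf_header"] else "not rtf")
    for entry in result["objects"]:
        print(entry["index"], entry["size"], entry["ole2"], entry["sha256"])
```
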
The virtual machine acts as an architecture that describes the functions of a system. It is a combination of software and hardware components, and there are two types: system virtual machines and process virtual machines. It stands in for the real machine and provides the functions of the overall system. The machine is used to execute programs and has virtual memory. Instructions are shared with the code, and memory is distributed to the separate machines. A sandbox is a kind of software testing environment; it is also known as a test server or a development box. Two terms matter here. The first is sandbox detection, which means detecting the working directory and the behavior of the system. The next is the sandbox crack, which refers to a deficiency, or crack, in the sandbox.
VM detection
By using this detection we can avoid the malware and shift the place of the malware. Monitoring is the important concept here, and it has two types:
- Interior box monitoring
- Exterior box monitoring
Interior box monitoring
The VM is a marked framework for counter-detection. This detection affects a number of malware samples, and it also reports the behavior seen by interior box monitoring.
Exterior box monitoring
This type of monitoring differs from the other process: it looks at the incidental effects and artifacts of the malware.
Spotting VM exposure
As a consequence of authority, malware released in the environment is also analyzed through the virtual machine, and this analyzer is used to avoid the malicious program.
VMware detection
For VM detection, the artifacts are files, memory, version, and services.
Sandbox detection
Sandbox detection uses artifacts such as names and files.
The RTF dump is a tool, written in Python, used to analyze documents and report on them. It produces a list for the document, with objects and data identified by number. During this malware analysis the sample is not executed and is not able to change its behavior, whereas in the virtual machine it performs some actions. This also has a benefit: with a fake analysis environment the sample will not change its behavior, and it sees fake items such as registry entries.
Malware often changes its code while keeping its functionality, in order to stay safe from misuse detection. Malware is embedded in target programs, and the behavior of the malware can be destroyed by using metamorphism. A special technique called ANI is used. ANI is a theory that explains the data dependencies in the code.
IP analysis of software
In IP analysis, the DNS server is used to protect the system from attackers and also to control the machines, including hidden machines, and DNS is widely used in malware detection. It also provides server controls. Generally, systems are used for the detection of malicious DNS; with this technique we can easily find the malware and also analyze the IP address. We can control the malware's traffic, and IP addresses are used as features in the malware detection process.
Malware detection using IP
Malware activity is detected through the DNS server. This malware arrives in the form of viruses, and the approach is used to analyze large networks, and complex networks as well. Malware detection also raises other problems, such as malware infection.
Extraction of malware detection
By extracting features for malware detection, we can perform traffic analysis on a big network; this is called big data, meaning data from a large number of networks. The features consist of malicious DNS features and network traffic features. The data collector records the DNS traffic in the network. The malicious DNS detector analyzes the traffic in the network. Next is the reputation engine, also known as the network traffic analyzer; with this engine we can easily find the reputation score for an IP address.
Installing anti-malware solutions relies on certificates that are present on your computer. A new malware program prevents users from carrying out the antivirus installation process. It takes advantage of the digital signature check that Windows User Account Control (UAC) performs on executable files.
It is based on abusing User Account Control in Windows: this malware prevents users from installing security products by copying the digital certificates used to sign antivirus programs into the Untrusted Certificates store in Windows. It also keeps the changes in place.
Ransomware is one kind of malware. It locks the affected computer and encrypts the data stored on it, then shows a ransom message to the user. The key is given to the user after the ransom is paid to the attacker. The money is transferred in the form of cryptocurrency or virtual money. It is spread through emails as well as images. The main source of this malware is online websites, which spread the worm files. Basically, ransomware is used to damage system files and also to increase the worm files.
In this case the computer was affected by ransomware. The attacker asks for money to unlock the computer, so payment is demanded to get the information back. A huge amount of personal data is stored on this computer, and all of it was locked by the attacker. The pictures and videos stored on the computer were important data and at the same time very sensitive. The only way offered to retrieve the data was to pay the ransom to the attacker, so the client contacted us to unlock the computer without paying any ransom. The details have already been given to the analysis team. The tools involved in the analysis are listed below.
- Bit-Defender Anti Ransomware
- Trend Micro Lock-screen Ransomware
- Kaspersky Anti Ransomware
- Kaspersky Descriptors
- Avast Anti Ransomware
- AVG Ransomware decrypting tool
- Formerly Crypto monitor
- Malware Anti Ransomware
This kind of anti-ransomware tool takes the form of an anti-virus that keeps our files safe and provides security. At the product level it is software used on the computer, for example to preserve the contents of the computer. At the security level it covers more, such as using the internet securely.
It keeps the user's files secure with password protection, and it is used to scan content affected by ordinary viruses and other kinds of virus. It is software that is popular among users.
Kaspersky is also one of these tools. It is software for computers, and this kind of anti-virus is developed in a lab by people with a lot of knowledge about malware. It is also used for internet security, where it is widely used to keep files secure. It also provides a firewall that filters traffic, and it offers a secure keyboard.
Avast scans files properly to ensure security, since files are affected when our password becomes known to others. Avast's password handling makes the files more secure, and it also hides file locations.
Two kinds of testing procedure are widely followed for analyzing malware. These methods are commonly used to analyze malware files, and they are listed below.
- Static analysis
- Dynamic analysis
The names describe their function. In the first methodology the malware is run by the actual methodology, so this type of analysis is called actual analysis. The second methodology is called behavioral analysis. With this methodology, executable malware files are supervised as well as controlled.
Many tools and techniques are employed for static analysis. In static analysis the malware code and its functional instructions are found. Based on this data we can identify the actual intent and capability of the malware file. Technical factors related to the malware are also easily found with this technique, and many key elements are employed in it. With this procedure we can easily determine the nature of the malware file. The results also contain details such as the name of the file, its MD5 hash value, and the type of file.
As we know, dynamic analysis is also called behavioral analysis. From this analysis we learn the characteristics of the malware. Here the virus signatures are detected through technical indicators: IP addresses, domain names, and location details of the file. For this purpose we use sandboxes as well as malware engines. They are responsible for reducing the available information. This is the latest technique and gives highly accurate results, so it is more effective. The overall output of the analysis therefore depends on this technique.
In the reverse engineering methodology, IDA is employed for disassembly. It is the well-known tool for this purpose. Other tools are available for the same purpose, but among all of them it gives the most effective results. The software has to be paid for. The code being analyzed is in binary form, so there is a strong need to convert it into assembly; all of the given code is converted into assembly. Debugging is performed using the information available for the .exe, and this data is saved in the debugging folder. The software is mainly employed to find the names of variables as well as functions. Through reverse engineering the code is easily recovered.
This type of analysis involves various types of data, which are used to perform the reverse engineering. Using IDA Pro we can share our notes as well as information related to the analysis, which helps others who face the same problem while using the tool. The tool clearly identifies the details of the case together with the file name, so files are easily identified in this way. Similarities between functions are identified by function matching. Each argument has a unique name, and the argument names are propagated automatically. They are used in the reverse engineering process.
This type of malware mostly targets data. Several kinds of data are targeted, such as pictures, audio, and video. Most importantly, all of this information is sensitive, so the user is ready to pay money. Then the ATC was more suspicious action. Various programs and files are also used to retrieve the information. They convert the file format into another form, which is the main activity of this software. The software uses many methods for protection against ransomware. This technology is fully autonomous.
In ransomware a particular packing technique is used, and the malware is broken down into its various classes; this technique is used in static analysis. The application performs a set of actions and follows each step in the process: first installation, then analysis of the system characteristics. Dynamic analysis is used to detect the result of the ransomware. Dynamic analysis has some disadvantages, so the result can be affected.
Infection by ransomware affects files by encrypting them and makes the content of the files unavailable. Through encryption we can control data theft and infection, so using this we can avoid the ransomware.
signsrch is a tool for identifying encryption in multiple ways. It provides a solution under certain conditions and has various methods for operations such as decryption.
Ransomware uses a symmetric crypto key to encrypt the files. It also uses asymmetric encryption for the key, and for the technical part an AES key is used.
For ransomware, the removal operation is done with decryption tools, which are used directly. For decryption the auto locks tool is used, for computer locking the hydra craft is used, and encrypted files are decrypted using decrypt locker.
Malware analysis needs a good background setup, because we need to gather the data while staying safe from the malicious file. A virtual machine is used as the software for this. Using virtual machines we can test various kinds of system. A virtualization system has many virtual machines. The tools are used to describe how the malware gets into the system. Normally the network shares the IP address and details with others in different ways.
NAT
For connecting a machine on the LAN, the virtual machine uses the host's IP address. With a NAT connection, the guest operating system is not able to connect to other operating systems. The virtual machine has an address range, and it is used to access the internet.
Bridged adapter
In bridged mode the virtual machine has its own IP address on the host system's network, so it has direct access to the other machines on the LAN.
VirtualBox
In the initial settings of the operating system no other data is used, so we have to give the name and data. The folder has read access, and by using this the malware cannot access the system.
Basic malware analysis uses tools such as PEiD to detect packers and Dependency Walker for dynamic links. PEview and the file analyzer are used to evaluate the file, and Resource Hacker makes the resources visible. There are two groups of basic malware analysis tools, by function. The types are:
- Basic malware analysis tool
- Dynamic malware analysis tool
Basic malware analysis tool
The tools used to analyze the malware include PEiD, Dependency Walker, Resource Hacker, and PEview.
PEiD
This tool is used to identify compilers, but malware analysis is complex. In the updated tool it is used to analyze files using text signatures, which are stored in a database.
Dependency Walker
Dependency Walker is a basic malware analysis tool and one of the most valuable tools used in malware analysis. It is an open source application that scans 32-bit and 64-bit Windows modules. It lists the imported and exported functions of each module. It shows only detailed data about the file, such as file path, version, and information.
Resource Hacker
Resource Hacker is also known as ResHacker. It is an open source application that extracts the resources from Windows binaries. It can add and modify resources such as strings, images, etc.
PEview
PEview is the simplest tool. Using this tool, the analyst can easily browse the data present in PE files. Every PE file has two parts, the header and the sections, and all the data to browse is present in those locations.
FileAlyzer
FileAlyzer is a free tool used to read information from the PE file header and the different sections. Compared to PEview it has several more features, which only FileAlyzer can access. The VirusTotal tab is one of the best features; it is used to analyze malware and PE Compact files.
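The header-plus-sections layout that PEview displays can be walked directly in Python. This added example (not from the original page or from any of the tools named above) parses a constructed two-section PE image and flags packer-like sections; the sample bytes, the function names, and the 7.0 entropy threshold are assumptions.

```python
"""Walk a PE image's header and section table and flag packer-like sections."""
import math
import struct
from collections import Counter

SCN_MEM_EXECUTE = 0x20000000
SCN_MEM_WRITE = 0x80000000
SECTION_FMT = "<8sIIIIIIHHI"          # IMAGE_SECTION_HEADER, 40 bytes
SECTION_SIZE = struct.calcsize(SECTION_FMT)
HIGH_ENTROPY = 7.0                    # assumed threshold; packed data approaches 8.0


def shannon_entropy(blob):
    """Bits of entropy per byte, from 0.0 (constant) to 8.0 (uniform)."""
    if not blob:
        return 0.0
    total = len(blob)
    return sum(-(n / total) * math.log2(n / total) for n in Counter(blob).values())


def parse_pe(data):
    """Return the machine type and per-section findings; ValueError if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ (DOS) header")
    (pe_offset,) = struct.unpack_from("<I", data, 0x3C)       # e_lfanew
    if data[pe_offset:pe_offset + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    try:
        machine, count, _, _, _, opt_size, _ = struct.unpack_from(
            "<HHIIIHH", data, pe_offset + 4)                  # COFF file header
        table = pe_offset + 24 + opt_size                     # section table start
        rows = [struct.unpack_from(SECTION_FMT, data, table + SECTION_SIZE * k)
                for k in range(count)]
    except struct.error as exc:
        raise ValueError("truncated PE headers") from exc
    sections = []
    for name, _vsize, _vaddr, raw_size, raw_ptr, _, _, _, _, flags in rows:
        entropy = shannon_entropy(data[raw_ptr:raw_ptr + raw_size])
        findings = []
        if flags & SCN_MEM_EXECUTE and flags & SCN_MEM_WRITE:
            findings.append("writable and executable")
        if entropy > HIGH_ENTROPY:
            findings.append("high entropy")
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "raw_size": raw_size,
            "entropy": entropy,
            "findings": findings,
        })
    return {"machine": machine, "sections": sections}


def build_sample():
    """Constructed image: a plain .text section and a random-looking UPX1 section."""
    text = b"\x90" * 512
    packed = bytes(range(256)) * 2
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)          # e_lfanew = 64
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x014C, 2, 0, 0, 0, 0, 0x0102)
    first = len(dos) + len(coff) + 2 * SECTION_SIZE           # raw data starts here
    table = struct.pack(SECTION_FMT, b".text", 512, 0x1000, 512, first,
                        0, 0, 0, 0, 0x60000020)
    table += struct.pack(SECTION_FMT, b"UPX1", 512, 0x2000, 512, first + 512,
                         0, 0, 0, 0, 0xE0000040)
    return dos + coff + table + text + packed


if __name__ == "__main__":
    info = parse_pe(build_sample())
    print("machine: 0x%04x" % info["machine"])
    for sec in info["sections"]:
        print(sec["name"], sec["raw_size"], round(sec["entropy"], 2), sec["findings"])
```
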
Dynamic Malware Analysis Tools
Different types of tools are used in dynamic malware analysis, such as Procmon, Process Explorer, Regshot, and Netcat.
Procmon
Procmon is one of the best-known tools used in dynamic malware analysis. It is also called Process Monitor. It is a free tool developed by Windows Sysinternals that monitors the Windows file system and registry. It combines Filemon and Regmon. Its best feature is that it adds to Filemon and Regmon the ability to filter the data and to log boot time.
Mansfield-Devine, S. (2016). Ransomware: taking businesses hostage. Network Security, 2016(10), pp.8-17.
Owens, B. (2016). ‘Ransomware’ cyberattack highlights vulnerability of universities. Nature.
Ransomware auch im Gesundheitswesen. (2016). Schweizerische Ärztezeitung, 97(4950).
Ransomware claims more victims. (2016). Network Security, 2016(12), p.2.
Ransomware defeated but new forms emerge. (2015). Network Security, 2015(11), p.2.
Ransomware hiding in the dark. (2015). Computer Fraud & Security, 2015(9), pp.3-20.
Ransomware menace will grow says Google. (2017). Computer Fraud & Security, 2017(8), p.3.
Ransomware: threat and response. (2016). Network Security, 2016(10), pp.17-19.
Sri Vayuputra, K. and K.V.D Kiran, D. (2018). Study and analyze the locky ransomware using malware analysis techniques. International Journal of Engineering & Technology, 7(2.7), p.225.
The WannaCry ransomware attack. (2017). Strategic Comments, 23(4), p.vii-ix.
Dehghantanha, A., Conti, M. and Dargahi, T. (n.d.). Cyber Threat Intelligence.
Gallo, A. (2016). Ransomware. [S.l.]: O’Reilly Media, Inc.
Liska, A. and Gallo, T. (n.d.). Ransomware.
Messier, R. (n.d.). Operating system forensics.
Mohanta, A., Velmurugan, K. and Hahad, M. (n.d.). Preventing Ransomware.
Sotto, L. (n.d.). Cybersecurity, 2017.
Street, J., Baskin, B., Sims, K. and Martin, B. (n.d.). Dissecting the hack.
Bolton, A. and Anderson-Cook, C. (2017). APT malware static trace analysis through bigrams and graph edit distance. Statistical Analysis and Data Mining: The ASA Data Science Journal, 10(3), pp.182-193.
Dai, S., Fyodor, Y., Wu, M., Huang, Y. and Kuo, S. (2011). Holography: a behavior-based profiler for malware analysis. Software: Practice and Experience, 42(9), pp.1107-1136.
Fan, L., Wang, Y., Cheng, X., Li, J. and Jin, S. (2013). Privacy theft malware multi-process collaboration analysis. Security and Communication Networks, 8(1), pp.51-67.
Garg, V. (2012). Macroeconomic Analysis of Malware. SSRN Electronic Journal.
Infectious Malware-Analysis and Protective Measures. (2015). International Journal of Science and Research (IJSR), 4(12), pp.1101-1105.
Kumar, A. and Goyal, S. (2016). Advance Dynamic Malware Analysis Using Api Hooking. International Journal Of Engineering And Computer Science.
Leenu Singh, L. and Hassan, S. (2012). Virtualization Evolution For Transparent Malware Analysis. International Journal of Scientific Research, 2(6), pp.101-104.
Mahawer, D. and Nagaraju, A. (2013). Metamorphic malware detection using base malware identification approach. Security and Communication Networks, 7(11), pp.1719-1733.
Pope, M., Warkentin, M. and Luo, X. (2012). Evolutionary Malware. International Journal of Wireless Networks and Broadband Technologies, 2(3), pp.52-60.
Popli, N. and Girdhar, A. (2017). WannaCry Malware Analysis. MERI-Journal of Management & IT, 10(2).
Potter, B. (2008). Scalable malware analysis. Network Security, 2008(4), pp.18-20.
SM-D (2012). Practical Malware Analysis. Network Security, 2012(12), p.4.
Survey Paper on APT Malware Identification using Malicious DNS and Traffic Analysis. (2015). International Journal of Science and Research (IJSR), 4(12), pp.403-405.
Tanaka, Y., Akiyama, M. and Goto, A. (2017). Analysis of malware download sites by focusing on time series variation of malware. Journal of Computational Science, 22, pp.301-313.
Yu, J., Huang, Q. and Yian, C. (2016). DroidScreening: a practical framework for real-world Android malware analysis. Security and Communication Networks, 9(11), pp.1435-1449