Cyber security is the act of protecting digital information and information systems. It focuses on protecting the valuable information stored on those systems from adversaries who want to obtain, corrupt, damage, destroy or prohibit access to it. Hence, it is a crucial part of the IT field. Malicious software, or malware, is a cyber security threat that affects the user's computer system by exploiting the system's vulnerabilities. It is one of the major threats to the security of information in computer systems. Therefore, there is a need for malware protection. Although existing security solutions generally protect the computer system against known risks, they are vulnerable to as yet unknown risks. It is generally difficult to predict how anti-malware software would react to new, unknown malicious software. For that reason, malware protection remains in a continuous development phase.
Introduction
Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyber-attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes [17]. The field is growing in importance due to increasing dependence on computer systems, the Internet and wireless networks such as Bluetooth and Wi-Fi, and due to the growing number of 'smart' devices, including smartphones, televisions and various other devices. It is also one of the major challenges of the modern world [22]. Cyber security is needed because there are threats to the cyber world, and one of the major ones is malware. Malware is one of today's biggest threats in computer security. New mobile malware that emerges on a daily basis further introduces new security risks [5]. Though existing security solutions generally protect mobile devices against known risks, they are vulnerable to as yet unknown risks [4]. Malware protection is more important today than ever, since malware threats like viruses and trojans are rising sharply.
Literature Review
It's the 21st century or, as it is more famously known, the age of electronics. Everything from the most complex of tasks to the most basic of work is now digital in nature, and because of that, day-to-day tasks are easy and convenient to perform. But not everything is good: this digital age has its own drawbacks. With the added benefits of digitization of data come the threats of the digital world. Cyber crime is almost an integral part of this world, and cyber security is a well-thought-out and needed countermeasure. Cyber security is the act of protecting information and information systems. Technological solutions for safeguarding personal data and computer networks are essential but not sufficient to ensure security [2]. When one talks about cyber security, the foremost thing that comes to mind is the increasing number of cyber-crimes. Governments around the world are taking steps to prevent these cyber-crimes [1]. Cyber ethics, cyber safety, and cyber security should be integrated for a better approach. Recently, cybersecurity has emerged as an established discipline for computer systems and infrastructure, with a focus on protecting the valuable information stored on those systems from adversaries who want to obtain, corrupt, damage, destroy or prohibit access to it. Mobile computing, cloud computing, e-commerce, and social networking are the emerging trends of cybersecurity, driven by the adoption of new technologies. There are also challenges caused by a lack of coordination between security agencies and the critical IT infrastructure [2]. Turning to the other side of the coin, malware is one of the biggest security threats faced by the cyber community. Malware, or malicious software, exploits the system's vulnerabilities to install itself in the system and then harm the data stored there by the user. It is generally difficult to predict how anti-malware software reacts to new, unknown malicious software. Therefore, anti-malware software is in a continuous development phase in order to be able to detect new malware or new variants of existing malware. Ironically, so is malware [5].
Importance
Government, military, corporate, financial, and medical organizations collect, process, and store unprecedented amounts of data on computers and other devices. An important portion of that data can be sensitive information, whether that be intellectual property, financial data, personal information, or other types of data for which unauthorized access or exposure could have negative consequences. Organizations transmit sensitive data across networks and to other devices in the course of doing business, and cybersecurity describes the discipline dedicated to protecting that information and the systems used to process or store it [20]. In today's connected world, everyone benefits from advanced cyber defense programs. At an individual level, a cybersecurity attack can result in everything from identity theft, to blackmail attempts, to the loss of important data like family photos [10]. Everyone relies on critical infrastructure like power plants, hospitals, cloud computing, and financial service companies. Securing these and other organizations is essential to keeping our society functioning [9].
Objective
Computer security broadly has four objectives: confidentiality, availability, integrity, and non-repudiation. The first and foremost objective is confidentiality, that is, keeping information away from people who should not have it. Accomplishing this objective requires that we know what data we are protecting and who should have access to it [27]. After confidentiality comes availability, which is ensuring that data stored in the computer can be accessed by the people who should access it. Availability is a broad subject addressing things such as fault tolerance to protect against denial of service, and access control to ensure that data is available to those authorized to access it. Most computers can at least differentiate between two classes of users: system administrators and general end users. In simple words, integrity means assuring that the information stored in the computer is never contaminated or changed in a way that is not appropriate. Both confidentiality and availability contribute to integrity. Keeping data away from those who should not have it, and making sure that those who should have it can get it, are fairly basic ways to maintain the integrity of the data. Security is a large enough task just trying to meet the confidentiality, integrity and availability objectives. Technologies used for those objectives are also used to create business-related functions for non-repudiation (NR), which allows the formation of binding contracts without any paper being printed for written signatures. NR is new and not broadly used, but most security experts agree that it will be based on digital signatures. Non-repudiation therefore means the assurance that someone cannot deny the validity of something.
Challenges
The toughest challenge in cybersecurity is the ever-evolving nature of security risks. Traditionally, organizations and the government have focused most of their cybersecurity resources on perimeter security to protect only their most crucial system components and defend against known threats. Today, this approach is insufficient, since the threats are advanced and change more quickly than organizations can keep up with [21]. As a result, consulting organizations promote more proactive and adaptive approaches to cyber security.
Ransomware Evolution
Ransomware is the bane of cybersecurity, IT, data professionals, and executives. Perhaps nothing is worse than a spreading virus that latches onto customer and business information that can only be removed if you meet the cybercriminal’s egregious demands. And usually, those demands land in the hundreds of thousands (if not millions) of dollars.
A.I. Expansion
Artificial Intelligence might be able to help defend against incoming cyber-attacks. The list of actual AI applications is already long and growing. Faster and more accurate credit scoring for banks, improved disease diagnosis and treatment development for health care companies, and enhanced engineering and production capabilities for manufacturers are just a few examples. But it’s not all good, the Artificial Intelligence, if configured, could do more harm than good.
Serverless App Vulnerability
Serverless apps can invite cyber-attacks. Customer information is particularly at risk when users access your application off-server, or locally, on their device. Unfortunately, with all of the vulnerability that serverless apps represent, they don’t seem to be going anywhere in the years to come.
IoT Threats
Most people are always plugged in. The vast majority of humans in first-world countries have an iPhone in their pockets, a computer at work, a television at home, and a tablet in their cars. The Internet of things is making sure that every single device you own is connected. Of course, all of that connection carries with it massive benefits, which is what makes it so appealing in the first place. The problem is that all of that interconnectedness makes consumers highly susceptible to cyberattacks. Many of the devices have serious vulnerabilities.
Applications of Cyber Security
- Filtered Communication – includes a firewall, anti-virus, anti-spam, wireless security and online content filtration.
- Protection – cyber security solutions provide digital protection to your data that will ensure your employees aren’t at risk from potential threats.
- Increased productivity – viruses can slow computers down to a crawl, making work practically impossible. Effective cyber security eliminates this possibility, maximizing the potential output.
- Denies Spyware – spyware is a form of cyber infection which is designed to spy on your computer actions, and relay that information back to the cyber-criminal.
Malware
Malware is one of the most dangerous phenomena spreading over the Internet. It is a file or code, typically delivered over a network, that infects, explores, steals or conducts virtually any behaviour an attacker wants. It varies in type and capabilities [16]. In fact, most Internet problems such as spam e-mails and denial of service attacks have malware as their underlying cause. With the increasing significance of malware in Internet attacks, much research has concentrated on developing techniques to collect, study, and mitigate malicious code. Therefore, in order to protect our systems from the hazardous acts of malware, it is necessary to collect and study malware found on the Internet.
What Does it Do
- Provide remote control to an attacker for use of the infected machine: the malware controls a system through a remote network connection, without the victim knowing about it.
- Send spam from the infected machine to unsuspecting targets: compromised applications are the most common delivery system used by hackers to transfer malware to users’ devices. Malware operators will usually choose popular apps to repackage or infect, increasing the likelihood that victims will download their rogue version.
- Investigate the infected user’s local network: inserting malware into legitimate online ad networks to target a broad spectrum of end users. The ads appear to be perfectly normal and appear on a wide range of apps and web pages.
- Steal sensitive data: malware uncovers victims' personal and proprietary information with the intent of monetizing stolen data through direct use or underground distribution.
Types of Malware
- Viruses – programs that copy themselves throughout a computer or network. Viruses piggyback on existing programs and can only be activated when a user opens the program. At their worst, viruses can corrupt or delete data, use the user’s email to spread, or erase everything on a hard disk.
- Worms – self-replicating viruses that exploit security vulnerabilities to automatically spread themselves across computers and networks. Unlike many viruses, worms do not attach to existing programs or alter files. They typically go unnoticed until replication reaches a scale that consumes significant system resources or network bandwidth.
- Trojans - malware disguised in what appears to be legitimate software. Once activated, Trojans will conduct whatever action they have been programmed to carry out. Unlike viruses and worms, Trojans do not replicate or reproduce through infection.
- Rootkits – programs that provide privileged (root-level) access to a computer. Rootkits vary and hide themselves in the operating system.
- Remote Administration Tools (RATs) – software that allows a remote operator to control a system. These tools were originally built for legitimate use, but are now used by threat actors. RATs enable administrative control, allowing an attacker to do almost anything on an infected computer. They are difficult to detect.
- Spyware – malware that collects information about the usage of the infected computer and communicates it back to the attacker.
- Botnets – short for ‘robot network’, these are networks of infected computers under the control of single attacking parties using command-and-control servers. Botnets are highly versatile and adaptable, able to maintain flexibility through redundant servers and by using infected computers to relay traffic. Botnets are often the armies behind today's distributed denial-of-service (DDoS) attacks.
Propagation Techniques
- Web browsing - the easiest way of getting infected is through drive-by-download. Malware often spreads through unwanted software downloads, malicious PDF documents, pictures, Word documents, or fake software. Using this technique, malware developers have no target other than to infect as many computers as possible. Modern browsers like Chromium (the open source project on which Google developed Chrome) include two mechanisms that are designed with security in mind.
- USB thumb drives - thumb drives (or USB drives) are also used to spread malicious software. This method uses the Autorun feature to launch malware when the storage device is connected by the operating system. A common attack situation is performed by intentionally dropping USB drives in front of targeted organizations.
- Email Spear Phishing - spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. Spear phishing attempts are not initiated by random attackers, but are more likely to be administered by perpetrators out for financial gain, trade secrets or military information. Similar to e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the same observe frequently visited websites that they visit and trust, afterwards they infect these websites with malware in the hope that a person from the targeted group will get infected. Here lies the drawback of data science (data mining) as well.
Malware Protection
Malware security protection provides that second vital layer of protection for your computer or network. The increased need for malware protection also has to do with the widespread availability today of sophisticated tools originally intended for cyber espionage and cyber warfare.
- Access control and password security: the concept of user name and password has been a key way of protecting our information. This may be one of the first measures regarding cyber security and protection.
- Authentication of data: the documents that we receive must always be authenticated before downloading, that is, it should be checked that they come from a trusted and safe source and that they have not been altered. Authentication of these documents is usually done by the anti-virus software present in the devices. Thus good anti-virus software is also essential to protect systems from viruses.
- Malware scanners: this is software that usually scans all the files and documents present in the system for malicious code or harmful viruses. Viruses, worms, and Trojan horses are examples of malicious software that are often grouped together and referred to as malware.
- Firewalls: a firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach our computer over the Internet. All messages entering or leaving the internet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. Hence firewalls play an important role in detecting malware.
- Anti-virus software: antivirus software is a computer program that detects, prevents, and takes action to defeat or remove malicious software programs, such as viruses and worms. Most antivirus programs include an auto-update feature that enables the program to download profiles of new viruses so that it can check for the new viruses as soon as they are discovered. Anti-virus software is a basic necessity for every system.
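The gap between known and unknown malware that this essay keeps returning to can be seen in a minimal signature scanner. This is an added example, not part of the original essay; the `SignatureDB` class, the signature names and the harmless sample byte strings are all constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed, harmless byte strings standing in for file contents.
KNOWN_SAMPLE = b"HEADER|demo-marker-ALPHA|payload-v1"
NEW_VARIANT = b"HEADER|demo-marker-BETA|payload-v2"   # same family, never seen before
CLEAN_FILE = b"quarterly report, nothing unusual here"


@dataclass
class SignatureDB:
    """Hypothetical profile store: exact-hash and byte-pattern signatures."""
    version: int = 1
    hashes: dict = field(default_factory=dict)    # sha256 hex digest -> name
    patterns: dict = field(default_factory=dict)  # byte pattern -> name

    def update(self, hashes=None, patterns=None):
        """Merge newer profiles, as the auto-update feature would."""
        self.hashes.update(hashes or {})
        self.patterns.update(patterns or {})
        self.version += 1


def scan(data: bytes, db: SignatureDB):
    """Return the name of the first matching signature, or None."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in db.hashes:              # exact match: only catches known files
        return db.hashes[digest]
    for pattern, name in db.patterns.items():
        if pattern in data:              # family match: survives small changes
            return name
    return None


def build_initial_db() -> SignatureDB:
    """Database that only knows the one sample analysts have already seen."""
    db = SignatureDB()
    db.hashes[hashlib.sha256(KNOWN_SAMPLE).hexdigest()] = "Demo.Alpha (exact hash)"
    return db


def demo():
    """Scan three files before and after a signature update."""
    files = {"known.bin": KNOWN_SAMPLE,
             "variant.bin": NEW_VARIANT,
             "report.txt": CLEAN_FILE}
    db = build_initial_db()
    before = {name: scan(data, db) for name, data in files.items()}
    # Analysts publish a family-level profile; clients download it.
    db.update(patterns={b"demo-marker-": "Demo.Family (pattern)"})
    after = {name: scan(data, db) for name, data in files.items()}
    return before, after


if __name__ == "__main__":
    before, after = demo()
    for name in before:
        print(f"{name:12} before update: {before[name]!s:26} after: {after[name]}")
```

Before the update the variant scans clean even though it belongs to the same family, which is why the scanner is only as current as its last profile download.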
Conclusion
Cybersecurity is a vast field that is becoming more important because the world is becoming densely interconnected, with networks being used to carry out risky transactions. This also results in malware spreading like wildfire. As a result, cyber-crime continues to take different paths with each year that passes, and so does the security of public data. Although existing security solutions generally protect systems against known risks, they are at the same time vulnerable to as yet unknown risks. It is generally difficult to predict how anti-malware software reacts to new, unknown malicious software. The latest disruptive technologies, along with the new cyber tools and threats that come to light each day, are challenging organizations not only with how to secure their infrastructure but also with which new platforms and intelligence they require to do so. There is no ideal or long-lasting solution for cyber-crime; it keeps on evolving as the crimes do. But the ability to try our level best to minimize them is the security that stands in between to ensure a safe and secure future in cyberspace.
References
- Niyati Parikh, Deep Patel, Roshni Patel. A Disquisition of Cyber Crime. IJSTE – International Journal of Science Technology and Engineering – April – 2017.
- Vairaprakash Gurusamy, Bharagav Hirani. Cyber Security for Our Digital Life. National Conference on Innovations and Computer Technology and its Applications (NCICTC) – 2018.
- Aru Okereke Eze, Chiaghana Chukwunonso E.. Malware Analysis and Mitigation in Information Preservation. IOSR Journal of Computer Engineering (IOSR-JCE) – Jul – Aug 2018.
- Sevil Sen, Emre Aydogan, Ahmet I. Aysan. Co-evolution of Mobile Malware and AntiMalware. IEEE Transactions on Information Forensics and Security – Oct – 2018.
- Frankie E. Catota, M. Granger Morgan, Douglas C. Sicker. Cybersecurity Education in a Developing Nation: The Ecuadorian Environment. Journal of Cybersecurity – 2019.
- Andrew S. Tanenbaum, David J. Wetherall. Computer Networks, 5th Edition. Pearson Education.
- William Stallings, Lawrie Brown. Computer Security: Principles and Practice. Pearson Education.
- IEEE Cybersecurity – Home of the IEEE Cybersecurity Initiative https://cybersecurity.ieee.org/
- www.threattrack.com
- https://academic.oup.com/cybersecurity/article/5/1/tyz001/5382610?searchresult=1
- www.link.springer.com
- http://static.usenix.org/events/sec09/tech/full_papers/kolbitsch.pdf
- https://www.ijert.org/research/malware-and-malware-detection-techniques-a-surveyIJERTV2IS120163.pdf
- https://researchgate.com
- https://www.researchgate.net/publication/272238656_A_Survey_on_Malwares_and_Malw_are_Detection_Systems
- https://www.researchgate.net/publication/269399065_A_LITERATURE_REVIEW_ON_ MALWARE_AND_ITS_ANALYSIS
- http://land.threattracksecurity.com/Security-Analysts-Say-Defending-Against-AdvancedMalware-Still-A-Major-Struggle.html
- https://www.ijert.org/research/malware-and-malware-detection-techniques-a-surveyIJERTV2IS120163.pdf
- https://www.engpaper.com/cyber-security-2017.html
- https://digitalguardian.com/blog/what-cyber-security
- https://digitalguardian.com/blog/what-cyber-security
- https://en.wikipedia.org/wiki/Computer_security
- https://en.wikipedia.org/wiki/Malware
- https://www.paloaltonetworks.com/cyberpedia/what-is-malware
- https://www.ivanti.com/blog/malware-protection-cybersecurity-threats
- https://www.kaspersky.co.in/resource-center/preemptive-safety/what-is-malware-and-howto-protect-against-it
- http://www.informit.com/articles/article.aspx?p=26952
- https://www.bcg.com/en-in/publications/2018/artificial-intelligence-threat-cybersecuritysolution.aspx