
13 - Protecting against malware

from IV - Protecting enterprises

Published online by Cambridge University Press:  11 September 2009

Mohammad Obaidat, Monmouth University, New Jersey
Noureddine Boudriga, Université du 7 Novembre à Carthage, Tunis

Summary

During the past few decades, there has been significant interest in malicious computer programs. As the number of these programs keeps increasing, efficient software solutions are needed to protect the enterprise from other living software without requiring excessive user intervention. This chapter discusses the definition and classification of malware. It describes how the major classes of malware (e.g., viruses, worms, and Trojans) are built and propagated. Finally, it discusses the protection measures that an enterprise needs to develop to protect against the destruction such malware causes, and develops a non-exhaustive set of guidelines to be followed.

Introduction to malware

Malicious software, often referred to as malware, is defined as a program or part of a program that executes unauthorized commands, generally with some malicious intention. Types of malware can be classified based on how they execute their malicious actions and propagate themselves. Viruses, worms, Trojan horses, and backdoors are the major examples of malware (Garetto et al., 2003). Other malware-related terms include malcode and malware payload. Malcode refers to the programming code that contains the malware logic, while the malware payload represents the malicious action it is designed to realize (Briesemeister et al., 2003; Anagnostakis et al., 2003).

Malware can damage the host on which it is running by corrupting files and programs or by over-consuming resources. Typically, it does this while avoiding the complete devastation of the host, because a system failure would prevent the malware from propagating further.

Type: Chapter
Publisher: Cambridge University Press
Print publication year: 2007


References

Anagnostakis, K. G., Greenwald, M. B., Ioannidis, S., Keromytis, A. D., and Li, D. (2003). A cooperative immunization system for an untrusting internet. In Proc 11th International Conference on Networks (ICON), 2003 (available at http://www1.cs.columbia.edu/angelos/Papers/icon03-worm.pdf).
Briesemeister, L., Lincoln, P., and Porras, P. (2003). Epidemic profiles and defence of scale-free networks. In Proceedings of the 2003 ACM Workshop on Rapid Malcode, SESSION: Defensive Technology, Washington, DC, ACM Press, pp. 67–75.
Ferrie, P. and Ször, P. (2001). Hunting For Metamorphic. Symantec White Papers, http://www.symantec.com/avcenter/reference/hunting.for.metamorphic.pdf.
Garetto, M., Gong, W., and Towsley, D. (2003). Modeling malware spreading dynamics. In Proceedings of INFOCOM, April 2003. www.telematics.polito.it/garetto/papers/virus2003.pdf
Kienzle, D. M. and Elder, M. C. (2003). Recent worms: a survey and trends. In Proceedings of the 2003 ACM Workshop on Rapid Malcode, SESSION: Internet Worms: Past, Present, and Future, Washington, DC, ACM Press, pp. 1–10.
Kumar, S. and Spafford, E. H. (1992). A generic virus scanner in C++. In Proceedings of the 8th Computer Security Applications Conference, Los Alamitos CA, December 1992. ACM and IEEE, IEEE Press, pp. 210–19.
McAfee (2005). http://www.mcafeestore.com.
CERT (1999). CERT Advisory CA-1999-04 Melissa Macro Virus, http://www.cert.org/advisories/ca-1999-04.html
Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., and Weaver, N. (2003). Inside the slammer worm. IEEE Magazine of Security and Privacy, 33–9, July/August 2003.
Norton (2005). Norton AntiVirus 2005, http://www.download.com/Norton-AntiVirus/
Qattan, F. and Thernelius, F. (2004). Software protection mechanisms and alternatives for securing computer integrity, Master Thesis. CSS Department, Stockholm University-Royal Institute of Technology.
Sophos (2005). Sophos Enterprise solution, http://www.sophos.com/products/
Symantec (2006). Symantec Anti-virus Corporate Edition, http://www.symantec.com/ Products.
Weaver, N., Paxson, V., Staniford, S., and Cunningham, R. (2003). A taxonomy of computer worms. In Proceedings of the 2003 ACM Workshop on Rapid Malcode, Washington, DC, 2003, 11–18. ACM Press. http://www.cs.berkeley.edu/nweaver/papers/taxonomy.pdf.
Zou, C. C., Gong, W., and Towsley, D. (2002). Code red worm propagation modeling and analysis. In 9th ACM Conference on Computer and Communications Security, 2002, ACM.
