Design Features to Address Security Challenges in Additive Manufacturing
Published in T. S. Srivatsan, T. S. Sudarshan, K. Manigandan, Manufacturing Techniques for Materials, 2018
Nikhil Gupta, Fei Chen, Khaled Shahin
A computer worm is a stand-alone malicious computer program that replicates itself and uses a computer network to spread to other computers. Unlike a computer virus, which needs to attach itself to a program or file in order to spread from one computer to another, worms leave infections as they travel. A Trojan horse is a malicious computer program that appears to provide normal functionality, but whose execution usually takes place in the system’s background and results in harmful actions (Kemmerer 2003). Severity of this malware ranges widely: some may cause only mildly annoying effects like unwanted advertisements, while others can damage the hardware, software, or private files. Anti-virus software and firewalls are used to protect against malicious activities and to recover from attacks. The infected computers can be isolated and prevented from disseminating further trusted information by imposing an “air gap,” by completely disconnecting them from all other networks (Guri et al. 2017).
The Fundamental Concepts
Published in Mohssen Mohammed, Al-Sakib Khan Pathan, Automatic Defense Against Zero-day Polymorphic Worms in Communication Networks, 2016
Mohssen Mohammed, Al-Sakib Khan Pathan
Trojan horses can be used to ask the user to enter sensitive information in a commonly trusted screen. For example, an attacker might log in to a Windows box and run a program that looks like the true Windows log-on screen, prompting a user to type his or her username and password. The program would then send the information to the attacker and then give the Windows error for a bad password. The user would then log out, and the correct Windows log-on screen would appear; the user is none the wiser that the password has just been stolen.
Computer and Internet Crime
Published in G. K. Awari, Sarvesh V. Warjurkar, Ethics in Information Technology, 2022
G. K. Awari, Sarvesh V. Warjurkar
A Trojan horse, often known as a Trojan, is malicious software that seems to be normal but may take control of your computer. A Trojan horse is computer software designed to damage, disrupt, steal, or otherwise harm your data or network.
A survey of phishing attack techniques, defence mechanisms and open research challenges
Published in Enterprise Information Systems, 2022
Phishing is the act of stealing financial and personal information from Internet users (Gupta, Arachchilage, and Psannis 2018). Phishing attacks may lead to the theft of data, especially personal data, including login credentials and passwords to different online accounts. The user falls into the trap and provides the information through malicious links or fraudulent emails. This leads to the loss of a great deal of personal information on the user's end and can lead to identity theft and many other devastating results (Almomani et al. 2013). Nowadays, phishing attacks are the most serious threat to Internet security and cause large economic losses to enterprises every year (Aleroud and Zhou 2017). Phishing attacks account for more than half of all cyber-crimes that affect genuine users. Phishing attacks also install malicious software, such as ransomware and Trojan horses, on the user's system (Phishingpro 2016). Phishing succeeds because many users lack Internet security knowledge, and even experienced users do not receive training on cyber-attacks (Arachchilage, Love, and Beznosov 2016). Researchers identified that 52% of users received training no more than two times in a year and 6% of users never received the training (Samarati 2020). Therefore, there is a crucial need to create an effective anti-phishing mechanism to defend enterprises and individual users.
Assessment of supervised machine learning algorithms using dynamic API calls for malware detection
Published in International Journal of Computers and Applications, 2022
After running binary files in the Cuckoo sandbox, behavioral reports are generated. We extracted the dynamic API calls of each process executed by malware or benign files. The extracted API calls belong to many categories, which are shown subsequently. The API calls include registry key modification and process, file, and network operations. Malicious software calls various file system functions such as NtWriteFile, MoveFileWithProgressW, and DeleteFileW to disturb the system by writing malicious code to it or deleting original system files. Malware also gathers information about system files in order to make changes to them. When a process is to be executed in kernel space, the Windows native API is used, which provides the interface between user calls and kernel mode. Some major API functions such as NtOpenProcess, NtResumeThread, and NtProtectVirtualMemory are employed by malware for running its code. Malware makes changes in the registry, either to stay resident in the system or to update the attributes of system settings, by using registry functions such as RegCreateKeyExW, RegDeleteValueA, RegQueryValueExW, RegSetValueExA, and RegSetValueExW. Spyware, Trojan horses, and key loggers capture the user's activities and send the credentials and keystrokes to the command and control system. They open a link with the host machine by invoking network and system calls such as HttpOpenRequestW, HttpQueryInfoA, and InternetGetConnectedState. Besides these, other types of calls provide discriminative features, such as API hooking calls and invasive calls that detect the analysis environment (IsDebuggerPresent). Selected API calls are listed in the following table.
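The extraction step described above can be sketched as follows. This is an added example, not code from the cited article: it assumes the sandbox's JSON report has been loaded as a dict with calls under `behavior.processes[].calls[].api`, uses a constructed sample report, and groups the API names from the excerpt under labels chosen here.

```python
from collections import Counter

# API names quoted in the excerpt, grouped by the behaviour it attributes to them.
# The group labels are this example's own, not the sandbox's category field.
API_GROUPS = {
    "file": {"NtWriteFile", "MoveFileWithProgressW", "DeleteFileW"},
    "process": {"NtOpenProcess", "NtResumeThread", "NtProtectVirtualMemory"},
    "registry": {"RegCreateKeyExW", "RegDeleteValueA", "RegQueryValueExW",
                 "RegSetValueExA", "RegSetValueExW"},
    "network": {"HttpOpenRequestW", "HttpQueryInfoA", "InternetGetConnectedState"},
    "anti_analysis": {"IsDebuggerPresent"},
}
API_TO_GROUP = {api: grp for grp, apis in API_GROUPS.items() for api in apis}
FEATURES = sorted(API_TO_GROUP)  # fixed column order so vectors are comparable

def extract_calls(report):
    """Yield (pid, api) for every recorded call; tolerate missing sections."""
    for proc in (report.get("behavior") or {}).get("processes") or []:
        for call in proc.get("calls") or []:
            if call.get("api"):
                yield proc.get("pid"), call["api"]

def feature_vector(report):
    """Per-API call counts over all processes, in FEATURES order (classifier input)."""
    counts = Counter(api for _, api in extract_calls(report))
    return [counts.get(api, 0) for api in FEATURES]

def group_counts(report):
    """Call counts per behaviour group; APIs outside the feature list are ignored."""
    return dict(Counter(API_TO_GROUP[api] for _, api in extract_calls(report)
                        if api in API_TO_GROUP))

# Constructed sample report (not taken from a real analysis run).
SAMPLE_REPORT = {"behavior": {"processes": [
    {"pid": 1200, "calls": [{"api": a} for a in (
        "IsDebuggerPresent", "NtOpenProcess", "NtProtectVirtualMemory",
        "RegSetValueExW", "NtWriteFile", "NtWriteFile")]},
    {"pid": 1344, "calls": [{"api": a} for a in (
        "InternetGetConnectedState", "HttpOpenRequestW", "NtClose")]},
    {"pid": 1500},  # process with no recorded calls
]}}

if __name__ == "__main__":
    print(dict(zip(FEATURES, feature_vector(SAMPLE_REPORT))))
    print(group_counts(SAMPLE_REPORT))
```

One such vector per analysed file, labelled malware or benign, forms a row of the training matrix for the supervised classifiers the article assesses.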