Developments and Defenses of Malicious Code

2009 ◽  
pp. 356-363 ◽  
Author(s):  
Xin Luo ◽  
Merrill Warkentin
Keyword(s):  
Malicious Code ◽  
Sensitive Information ◽  
Security Threats ◽  
Computer Viruses ◽  
The Public ◽  
Highly Sensitive ◽  
Malicious Codes ◽  
In The Wild ◽  
Working Practices ◽  
E Mail

The continuous evolution of information security threats, coupled with increasing sophistication of malicious codes and the greater flexibility in working practices demanded by organizations and individual users, have imposed further burdens on the development of effective anti-malware defenses. Despite the fact that the IT community is endeavoring to prevent and thwart security threats, the Internet is perceived as the medium that transmits not only legitimate information but also malicious codes. In this cat-and-mouse predicament, it is widely acknowledged that, as new security countermeasures arise, malware authors are always able to learn how to manipulate the loopholes or vulnerabilities of these technologies, and can thereby weaponize new streams of malicious attacks. From e-mail attachments embedded with Trojan horses to recent advanced malware attacks such as Gozi programs, which compromise and transmit users’ highly sensitive information in a clandestine way, malware continues to evolve to be increasingly surreptitious and deadly. This trend of malware development seems foreseeable, yet making it increasingly arduous for organizations and/or individuals to detect and remove malicious codes and to defend against profit-driven perpetrators in the cyber world. This article introduces new malware threats such as ransomware, spyware, and rootkits, discusses the trends of malware development, and provides analysis for malware defenses. Keywords: Ransomware, Spyware, Anti-Virus, Malware, Malicious Code, Background Various forms of malware have been a part of the computing environment since before the implementation of the public Internet. However, the Internet’s ubiquity has ushered in an explosion in the severity and complexity of various forms of malicious applications delivered via increasingly ingenious methods. The original malware attacks were perpetrated via e-mail attachments, but new vulnerabilities have been identified and exploited by a variety of perpetrators who range from merely curious hackers to sophisticated organized criminals and identify thieves. In an earlier manuscript (Luo & Warkentin, 2005), the authors established the basic taxonomy of malware that included various types of computer viruses (boot sector viruses, macro viruses, etc.), worms, and Trojan horses. Since that time, numerous new forms of malicious code have been found “in the wild.”

scholarly journals An Effective Method for Predicting Malware Family

2020 ◽  
Vol 9 (4) ◽  
pp. 1230-1233
Keyword(s):  
Machine Learning ◽  
Malware Detection ◽  
Malicious Code ◽  
The Internet ◽  
Security Threats ◽  
Learning Approaches ◽  
Computer Viruses ◽  
Software Products ◽  
Internet Users ◽  
Rapid Spread

Today, many of devices are connected to internet through networks. Malware (such as computer viruses, trojans, ransomware, and bots) has becoming a critical concern and evolving security threats to the internet users nowadays. To make legitimate users safe from these attacks, many anti-malware software products has been developed. Which provide the major defensive methods against those malwares. Due to rapid spread and easiness of generating malicious code, the number of new malware samples has dramatically increased. There need to take an immediate action against these increase in malware samples which would result in an intelligent method for malware detection. Machine learning approaches are one of the efficient choices to deal with the problem which helps to distinguish malware from benign ones. In this paper we are considering xception model for malware detection. This experiment results shows the efficiency of our proposed method, which gives 98% accuracy with malimg dataset. This paper helps network security area for their efficient works.

scholarly journals ImageDetox: Method for the Neutralization of Malicious Code Hidden in Image Files

Symmetry ◽  
2020 ◽  
Vol 12 (10) ◽  
pp. 1621
Author(s):  
Dong-Seob Jung ◽  
Sang-Joon Lee ◽  
Ieck-Chae Euom
Keyword(s):  
Application Programming Interface ◽  
Malicious Code ◽  
Commercial Application ◽  
Security Threats ◽  
Virus Infections ◽  
Image File ◽  
Malicious Codes ◽  
Application Programming ◽  
Image File Format ◽  
The Difference

Malicious codes may cause virus infections or threats of ransomware through symmetric encryption. Moreover, various bypassing techniques such as steganography, which refers to the hiding of malicious code in image files, have been devised. Unknown or new malware hidden in an image file in the form of malicious code is difficult to detect using most representative reputation- or signature-based antivirus methods. In this paper, we propose the use of ImageDetox method to neutralize malicious code hidden in an image file even in the absence of any prior information regarding the signatures or characteristics of the code. This method is composed of four modules: image file extraction, image file format analysis, image file conversion, and the convergence of image file management modules. To demonstrate the effectiveness of the proposed method, 30 image files with hidden malicious codes were used in an experiment. The malicious codes were selected from 48,220 recent malicious codes purchased from VirusTotal (a commercial application programming interface (API)). The experimental results showed that the detection rate of viruses was remarkably reduced. In addition, image files from which the hidden malicious code had previously been removed using a nonlinear transfer function maintained nearly the same quality as that of the original image; in particular, the difference could not be distinguished by the naked eye. The proposed method can also be utilized to prevent security threats resulting from the concealment of confidential information in image files with the aim of leaking such threats.

Pharming Attack Designs

2011 ◽  
pp. 520-526
Author(s):  
Manish Gupta
Keyword(s):  
Web Sites ◽  
Financial Services ◽  
Personal Information ◽  
Internet Protocol ◽  
Internet Security ◽  
Sensitive Information ◽  
Security Threat ◽  
The Public ◽  
Design And Implementation ◽  
E Mail

Pharming is emerging as a major new Internet security threat. Pharming has overtaken “phishing” as the most dangerous Internet scam tactic, according to the latest Internet Security Intelligence Briefing (Veri-Sign, 2005). Pharming attacks exploit the design and implementation flaws in DNS services and the way Internet addresses are resolved to Internet protocol (IP) addresses. There are an estimated 7.5 million external DNS servers on the public Internet (MF-Survey, 2006). Pharming attacks manipulate components of the domain and host naming systems to redirect Internet entering personal and sensitive information on their fake site. Financial services’ sites are often the targets of these attacks, in which criminals try to acquire personal information in order to access bank accounts, steal identities, or commit other kinds of fraud. The use of faked Web sites makes pharming sound similar to e-mail phishing scams, but pharming is more insidious, since users are redirected to a false site without any participation or knowledge on their part. Pharming is technically harder to accomplish than phishing, but also sneakier because it can be done without any active mistake on the part of the victim (Violino, 2005). The greatest security threat lies in the fact that a successful pharming attack leaves no information on the user’s computer to indicate that anything is wrong.

scholarly journals A Descriptive Analysis of the Use of Twitter by Emergency Medicine Residency Programs

2018 ◽  
Vol 10 (1) ◽  
pp. 51-55 ◽  
Author(s):  
David Diller ◽  
Lalena M. Yarris
Keyword(s):  
Emergency Medicine ◽  
Medical Education ◽  
Descriptive Analysis ◽  
Descriptive Statistics ◽  
Mixed Methods Study ◽  
Instructional Tool ◽  
Residency Programs ◽  
The Public ◽  
Twitter Account ◽  
E Mail

ABSTRACT Background  Twitter is increasingly recognized as an instructional tool by the emergency medicine (EM) community. In 2012, the Council of Residency Directors in Emergency Medicine (CORD) recommended that EM residency programs' Twitter accounts be managed solely by faculty. To date, little has been published regarding the patterns of Twitter use by EM residency programs. Objective  We analyzed current patterns in Twitter use among EM residency programs with accounts and assessed conformance with CORD recommendations. Methods  In this mixed methods study, a 6-question, anonymous survey was distributed via e-mail using SurveyMonkey. In addition, a Twitter-based search was conducted, and the public profiles of EM residency programs' Twitter accounts were analyzed. We calculated descriptive statistics and performed a qualitative analysis on the data. Results  Of 168 Accreditation Council for Graduate Medical Education–accredited EM programs, 88 programs (52%) responded. Of those programs, 58% (51 of 88) reported having a program-level Twitter account. Residents served as content managers for those accounts in the majority of survey respondents (61%, 28 of 46). Most programs did not publicly disclose the identity or position of their Twitter content manager. We found a wide variety of applications for Twitter, with EM programs most frequently using Twitter for educational and promotional purposes. There is significant variability in the numbers of followers for EM programs' Twitter accounts. Conclusions  Applications and usage among EM residency programs are varied, and are frequently not consistent with current CORD recommendations.

What the past can say about the present and future of fire

2020 ◽  
Vol 96 ◽  
pp. 66-87
Author(s):  
Jennifer R. Marlon
Keyword(s):  
Climate Change ◽  
Terrestrial Ecosystems ◽  
Combustion Products ◽  
Temperature Changes ◽  
The Public ◽  
The Past ◽  
Warming Climate ◽  
Highly Sensitive ◽  
In Fire ◽  
Very High

AbstractWildfires are an integral part of most terrestrial ecosystems. Paleofire records composed of charcoal, soot, and other combustion products deposited in lake and marine sediments, soils, and ice provide a record of the varying importance of fire over time on every continent. This study reviews paleofire research to identify lessons about the nature of fire on Earth and how its past variability is relevant to modern environmental challenges. Four lessons are identified. First, fire is highly sensitive to climate change, and specifically to temperature changes. As long as there is abundant, dry fuel, we can expect that in a warming climate, fires will continue to grow unusually large, severe, and uncontrollable in fire-prone environments. Second, a better understanding of “slow” (interannual to multidecadal) socioecological processes is essential for predicting future wildfire and carbon emissions. Third, current patterns of burning, which are very low in some areas and very high in others—are often unprecedented in the context of the Holocene. Taken together, these insights point to a fourth lesson—that current changes in wildfire dynamics provide an opportunity for paleoecologists to engage the public and help them understand the potential consequences of anthropogenic climate change.

scholarly journals Captive-reared migratory monarch butterflies show natural orientation when released in the wild

2020 ◽  
Author(s):  
Alana A. E. Wilcox ◽  
Amy E. M. Newman ◽  
Nigel E. Raine ◽  
D. Ryan Norris
Keyword(s):  
North American ◽  
Danaus Plexippus ◽  
Release Site ◽  
Flight Simulator ◽  
Monarch Butterflies ◽  
The Public ◽  
In The Wild ◽  
Automated Telemetry ◽  
Proper Orientation ◽  
Captive Rearing

AbstractEastern North American migratory monarch butterflies (Danaus plexippus) have faced sharp declines over the last two decades. Although captive rearing has been used as an important tool for engaging the public and supplementing conservation efforts, a recent study that tested monarchs in a flight simulator suggested that captive-reared monarchs lose their capacity to orient southward during fall migration to their Mexican overwintering sites. We raised offspring of wild-caught monarchs on swamp milkweed (Asclepias incarnata) and, after eclosion, individuals were either tested in a flight simulator or radio-tracked in the wild using array of over 100 automated telemetry towers. While only 33% (7/39) of monarchs tested in the flight simulator showed strong southeast to southwest orientation, 97% (28/29) of the radio-tracked individuals were detected by automated towers south or southeast of the release site, up to 200 km away. Our results suggest that, though captive rearing of monarch butterflies may cause temporary disorientation, proper orientation is likely re-established after exposure to natural skylight cues.

scholarly journals INTENSITAS ANCAMAN KEAMANAN SISTEM INFORMASI AKUNTANSI KOMPUTERISASIAN

2018 ◽  
Vol 10 (3) ◽  
pp. 113-126
Author(s):  
YULIUS KURNIA SUSANTO ◽  
RATIH HANDAYANI
Keyword(s):  
Questionnaire Survey ◽  
Security Threats ◽  
Computer Viruses ◽  
On Line ◽  
Bad Data

The objective of the paper was (1) there are significant security threats of CAIS on the organization types, (2) there is difference among the organization types regarding the security threats of CAIS, (3) there are difference between integration-on line and integration-manual CAIS regarding the security threats of CAIS. Eighty four respondents from Jakarta organizations had participated in this research. The collecting data used a  questionnaire survey via electronicmail and post. Data were analyzed using a Kruskal-Wallis test. The resultsshowed that first there is significant security threats of CAIS in Jakarta Organizations, like that the accidental entry of bad data, accidental destruction of data, employees’ sharing of passwords and introduction of  computer viruses the to CAIS are the significant security threats of CAIS in Jakarta Organizations.  Second, there is no difference among the organization types regarding the security threats of CAIS. Third, there is no difference between integration-on line and integration-manual CAIS regarding the security threats of CAIS. But, there is difference between integration-on line and integration-manual CAIS regarding introduction of computer viruses to the CAIS.

scholarly journals Email Vs. Instagram Recruitment Strategies For Online Survey Research

2021 ◽  
Vol 32 (1) ◽  
pp. 67-77
Author(s):  
Rafael R. Moraes ◽  
Marcos B. Correa ◽  
Ândrea Daneris ◽  
Ana B. Queiroz ◽  
João P. Lopes ◽  
...  
Keyword(s):  
Survey Research ◽  
Online Survey ◽  
Large Population ◽  
Population Sample ◽  
Target Population ◽  
Recruitment Strategies ◽  
The Public ◽  
Conversion Rates ◽  
Methodological Aspects ◽  
E Mail

Abstract In this study, we describe a method for reaching a target population (i.e., dentists practicing in Brazil) to engage in survey research using traditional e-mail invites and recruitment campaigns created on Instagram. This study addresses methodological aspects and compares respondents reached by different methods. A pre-tested questionnaire was used and participants were recruited for 10 days via a source list of email addresses and two discrete Instagram organic open campaigns. A total of 3,122 responses were collected: 509 participants were recruited by email (2.1% response rate) and 2,613 by the two Instagram campaigns (20.7% and 11.7% conversion rates), respectively. Response/min collection rates in the first 24 h ranged between 0.23 (email) and 1.09 (first campaign). In total, 98.8% of all responses were received in the first 48 h for the different recruitment strategies. There were significant differences for all demographic variables (p< 0.001) between email and Instagram respondents, except for sex (p=0.37). Instagram respondents were slightly older, had more professional experience (years in practice), and a higher graduate education level than email respondents. Moreover, most email and Instagram respondents worked in the public sector and private practice, respectively. Although both strategies could collect responses from all Brazilian regions, email responses were slightly better distributed across the five territorial areas compared to Instagram. This study provides evidence that survey recruitment of a diverse, large population sample using Instagram is feasible. However, combination of email and Instagram recruitment led to a more diverse population and improved response rates.

scholarly journals The external environment of birds as a factor of immunobiochemical conditions

2020 ◽  
Vol 9 (3) ◽  
pp. 152-157
Author(s):  
Rinat R. Fatkullin ◽  
Aikumis K. Saken
Keyword(s):  
Metabolic Disorders ◽  
Clinical Manifestations ◽  
The Body ◽  
Household Waste ◽  
Trophic Chain ◽  
Behavioral Strategies ◽  
The Public ◽  
Initial Stage ◽  
Highly Sensitive

Abnormal environmental factors contribute to advanced behavioral strategies in higher regulatory centers as well as to the assessment of possible morphofunctional and energy transformations in the body. Animals, especially birds, which are characterized by curiosity, are highly sensitive to the presence of environmental pollution, since they interact with elements of the environment and surroundings. Contamination of broiler products can also be caused by contaminated soil and dust, unknown sources of persistent heavy metals and organic pollutants that are unknown to the public, such as car wreckage, household waste, and so on. In general, adverse factors that regularly affect small details do not require significant changes in the body at the initial stage, mainly affect non-specific mechanisms that lead to long-term activation. The paper contains significant work based on the analysis of microbiogenic links in the trophic chain, but the formation of processes associated with metabolic disorders from the development of trace elements to clinical manifestations is still insufficiently studied, so it is difficult to diagnose and treat previously unknown animal diseases in veterinary practice.

scholarly journals Efficient and Privacy-Preserving Multi-User Outsourced K-Means Clustering

2021 ◽  
Vol 14 (2) ◽  
pp. 26
Author(s):  
Na Li ◽  
Lianguan Huang ◽  
Yanling Li ◽  
Meng Sun
Keyword(s):  
Data Mining ◽  
Big Data ◽  
Clustering Algorithm ◽  
Privacy Preserving ◽  
Locality Sensitive Hashing ◽  
Sensitive Information ◽  
The Public ◽  
Big Data Mining ◽  
Euclidean Distances ◽  
Computational Resources

In recent years, with the development of the Internet, the data on the network presents an outbreak trend. Big data mining aims at obtaining useful information through data processing, such as clustering, clarifying and so on. Clustering is an important branch of big data mining and it is popular because of its simplicity. A new trend for clients who lack of storage and computational resources is to outsource the data and clustering task to the public cloud platforms. However, as datasets used for clustering may contain some sensitive information (e.g., identity information, health information), simply outsourcing them to the cloud platforms can&#39;t protect the privacy. So clients tend to encrypt their databases before uploading to the cloud for clustering. In this paper, we focus on privacy protection and efficiency promotion with respect to k-means clustering, and we propose a new privacy-preserving multi-user outsourced k-means clustering algorithm which is based on locality sensitive hashing (LSH). In this algorithm, we use a Paillier cryptosystem encrypting databases, and combine LSH to prune off some unnecessary computations during the clustering. That is, we don&#39;t need to compute the Euclidean distances between each data record and each clustering center. Finally, the theoretical and experimental results show that our algorithm is more efficient than most existing privacy-preserving k-means clustering.

Sign in / Sign up

Export Citation Format

Share Document