Malware Analysis Paper

The advent of networks and information systems revolutionized the way that individuals and large organizations conduct daily operations. Individuals utilize computers to check electronic mail, surf the internet, pay bills, and even go to school for their degrees. Large organizations do the same things, but on a much larger scale. Additionally, these large organizations utilize information systems to store sensitive data from their clientele and their employees. This information may include social security numbers, credit card information, birth dates, account numbers, and other personally identifiable information. What this amounts to is a gold mine for cyber criminals and motivation for them to breach these information systems to collect that data …

Additionally, this will ensure that the organization’s network and information systems can be restored and containment measures may be rescinded. Finally, to ensure that the malware analysts are able to safely maintain and analyze a sample of the malware, they must first have the proper malware analysis environment and tools available.
2.2 Malware Analysis Techniques
There are three techniques that malware analysts can utilize to conduct malware analysis: static analysis, dynamic analysis, and temporal analysis. According to Sikorski and Honig (2012), static analysis involves examining the file and using a disassembler to reverse engineer malware, while dynamic analysis involves running the malware in a safe environment and using a debugger to analyze executable malware. Temporal analysis is based on analyzing a system over time. Even though static analysis and dynamic analysis can be done separately, their effectiveness in malware analysis is increased if they are done in conjunction.
2.2.1 Static
…

Malware analysts are needed more than ever to be ready to meet this threat and protect the information systems of their organizations. Additionally, it is imperative that malware data become openly shared between malware analysts to ensure their information systems and networks are hardened against identical attacks.
This document provided information regarding malware incident response policies and procedures. These policies and procedures provided an understanding of the scope of the malware incident response plan, the roles and responsibilities of the incident response team members, and the method of maintaining malware for analysis. Also, this document provided the various malware analysis techniques available and information regarding the environment and tools needed to conduct the analysis. Finally, this document provided the critical skills needed by malware analysts and other members of the malware incident response

