MALWARE DETECTION TECHNIQUES
Submitted by,
Sachin Boban (Team Leader)
Ashwin Jacob
Assim Ambadi
Mohammed Gifil
Rahul P Nair
Stein Astor Fernandez
Thridev Suvarnan
INTRODUCTION
What is malware?
Malware, short for malicious software, is software used or created to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software.
Malware includes computer viruses, worms, Trojan horses, spyware, adware, and other malicious programs. In law, malware is sometimes known as a computer contaminant, as in the legal codes of several U.S. states. Malware is not the same as defective software, which is software that has a legitimate purpose but contains harmful bugs that were not noticed before release. However, some malware is disguised as genuine software, and may come from an official company website. An example of this is software used for harmless purposes that is packed with additional tracking software that gathers marketing statistics.
Different Types of Malware
Viruses: A computer virus is code that replicates by inserting itself into other programs. A program that a virus has inserted itself into is infected, and is referred to as the virus’ host. A virus needs an existing host program in order to cause harm.
Worms: A computer worm replicates itself by executing its own code independently of any other program. The primary distinction between a virus and a worm is that a worm does not need a host to cause harm. Another distinction between viruses and worms is their propagation model. In general, viruses attempt to spread through programs/files on a single computer system, whereas worms spread via network connections with the goal of infecting as many computer systems connected to the network as possible.
Trojans: A Trojan is a