Spyware-type software product and analysis of its resistance to detection by security tools
DOI:
https://doi.org/10.18372/2410-7840.22.14980
Keywords:
Spyware, malware, software spy, keylogger, Windows
Abstract
In a period of active development of information technologies, the problem of confidentiality is extremely urgent. Today there are several thousand varieties of malware that work according to different algorithms. However, they are all united by the fact that they are created specifically for modification, destruction, blocking and copying of information without the user's authorization, and for disrupting the operation of computers and computer networks. Spyware is software that collects and transmits information about a user without their consent. This information may include the user's personal data, the configuration of their computer and operating system, and Internet statistics. The basic set of spyware functions can include reading input from the user's keyboard, taking screenshots of the monitor, logging the sites the user visits, unsanctioned analysis of the state of the security system, and much more. Spyware is a type of malware that can cause significant damage to the user's privacy while remaining unnoticed even by specialized programs. To detect spyware in a system, the user should use specialized software aimed at identifying this type of threat. However, even such software cannot guarantee complete security. This article describes the main types of spyware and presents a developed “system monitor” spyware program, whose task is to collect information about users with the possibility of further processing and transmission. The efficiency of the developed program is demonstrated on the basis of the collected data and the negative results of scanning the system with specialized software. The features of how software spies operate are examined and their behavior is analyzed; the results can be used in the development of probabilistic methods for finding programs of the type under investigation.
License
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).