Expanded Definition of Malware

TO: Prof. Ellis
FROM: DeAndre Badresingh
DATE: 10/27/2021
SUBJECT: Expanded Definition of Malware

Introduction

The purpose of this document is to discuss the expanded definition of my term malware. The term that I will be defining is malware in which I will discuss the previous definition and current usage of this term. In addition, I will be giving examples of how malware was used before and after updated definitions. After discussing this, I plan to divide the history of the word into different sections while also providing different ways this term was used. For example, in chronological order starting from the earliest date, I will quote how the word was defined and how the word was implemented when being discussed. Finally, towards the end I will discuss the definition but in my own way to describe it to individuals who are not so familiar with the use of this word. 

Definitions

            The history of malware goes back to as far back as the early 1970s. As the years progressed, this term has changed to mean different things yet still have the same concept. In an article that discusses the previous history of malware, there were several definitions that were used to identify this word. One of which included, “An experiment designed to test how a program might move between computers.” [1] Back then, as shown in this quote, malware was once used as an experiment to see how different programs on a device interact with each other. However, moving on to the mid-1970s, the definition for the word had been more inclusive to what it really is. It was then described as “A self-replicating program that made multiple copies of itself on a computer until it bogs down the system to such an extent that system performance is reduced and eventually crashes.” [1] These definitions are both similar to one another in the sense that they both describe how malware is incorporated inside a system. However, the way in which it was implemented was vastly different from one another. 

Context

            While there have been many versions of malware, the way how it is constructed varies. For example, the earliest definition of malware described it as an “experiment” while a more recent definition defines it as “Programs written with the intent of being disruptive or damaging to (the user of) a computer or other electronic device; viruses, worms, spyware, etc., collectively.” [3] The way how they would be used in sentences would be based on their definitions. Early definition sentences describe it as, “Malware authors disguised one of the earliest Trojans as a popular shareware program called “PC-Writer.” Once on a system, it would erase all of a user’s files.” Another most recent way malware would be used in sentences would involve, “Malware can assume many forms, from standard computer viruses to spyware and adware. Individuals may even choose to install malicious software because the malware masquerades as a beneficial program or application. Malware can cause catastrophic damage to a computer’s software, The damage malware can do to privacy may not be as obvious but it is equally, if not more, detrimental.” [2] The way how these sentences would relate to each other is that they all show how malware interacts and causes damage to its host. As explained in the quote, malware is extremely dangerous and sometimes presents itself as unpredictable.

Working Definition

            Based on the definitions from as early as the 1970s and from more recent definitions, they are all similar in the sense of how the word is actually used. That being said, a working definition for malware would be a software, file, or other content on a system that has the potential to cause substantial damage. Some instances of this includes viruses, phishing, ransomware, denial-of-service, spyware, man-in-the-middle, zero-day, attack replication vectors, and much more. All of these forms of disruption all fall under the branch of malware which makes defining this term very vague. As described by this article, “Today, malware is no longer confined to individuals acting alone on the Internet, nor is it as easy to detect, even for the most perceptive computer users.” [2] Hence, we have seen the progression of malware origin from being just an experiment, to being more specified to various types like trojans, to worm infections that can be undetected. Nonetheless, the origins of malware and how it is described now is very similar to each other. In conclusion, you must always remember that malware is made by humans and we cannot satisfy everyone. So, you can always defend yourself against malware attacks.   

References: 

[1] P. by J. Love and J. Love, “A brief history of malware-its evolution and impact,” Lastline, 19-Sep-2019. [Online]. Available: https://www.lastline.com/blog/history-of-malware-its-evolution-and-impact/.

[2] Baker, A. (2015) ‘Malware’ in Anglim, C.T., ed., Privacy Rights in the Digital Age, Amenia, NY: Grey House Publishing, 339-342, Available: https://link.gale.com/apps/doc/CX6403900139/GVRL?u=cuny_nytc&sid=bookmark-GVRL&xid=ccefd7de

[3] â€œMalware, in Oxford English Dictionary, 3rd ed, Oxford University Press, Dec. 2006, def.1 Available: https://www.oed.com

500- Word Summary of Article About Malware Detection In Self Driving Cars

TO:       Prof. Ellis
FROM:     DeAndre Badresingh
DATE:     Oct. 6, 2021
SUBJECT:  500-Word Summary of Article About Malware Detection In Self-Driving Cars

    Since transportation becomes more intelligent, it leaves it more vulnerable to cyber-attacks. There has been many times where users have lost control of their vehicle due to someone attacking their system. This is typically caused by various forms of malicious software. Malicious software replicates an already authorized software for self-driving vehicles. Methods and experiments have been put In place to analyze detection of compromised self- driving cars. Vehicle to vehicle protection is important because it allows external connections to not only provide comfort for the driver but also update the security. Security technology is analyzed and scans the security of the car for intrusion detection. 

The main method for hackers getting access to information is through the use of malicious code which allows them to gain or deny access to a user’s system. To combat this, Machine learning algorithm using the software called Adware and General Malware (AW&GM) is used to differentiate normal code from malicious code used by hackers. 

Attempted breaches come in many forms which includes malicious messages, denial of service, or even adware. A method which involves reconfiguring electronic control units uses a control module known as mitigation manager that scans for cyber-attacks. Another method for controlling these types of attacks involves an algorithm that scans for unusual patterns in within the vehicles network. Furthermore, another concept in mind was the use of cloud defense framework which allows only one gateway to monitor all traffic going into and out of the network. 

Since self-driving vehicles are usually connected to public networks security is key to protecting them due to higher chances of having the operating system compromised. On a most recent machine learning algorithm study, intrusion detection was installed into the vehicles which allows the unit to actively see real-time changes in behavioral rhythm. With this new software, the algorithm can determine the intrusion more accurately by learning, verifying, and evaluating messaging patterns.

In the event of unusually high network traffic, intrusion detection relies on scaling. Scaling prevents under or overflow of data when undergoing experiments. When the environment is right, the multiple rounds of test begins. More tests are required during the experimental phase because they may come back as false positives.  

To conclude, IDS go through the three phases of data preprocessing, modeling, and detecting. Simulated results are compared to proposed algorithms. Benign code, adware, and general malware are known as classification scenarios.

Using random forest, also known as RF, has been proven to have a higher predication accuracy. It has been concluded that using an algorithm with short learning time can use used to prove the mode accurate results. Receiver operating characterizes are also used to calculate the results from the tests. Each use of these methods revealed to have a different success result. Since transportation is ever-changing, security has to keep up to protect users.

Reference:

[1] S. Park and J.-Y. Choi, “Malware detection in self-driving vehicles using machine learning algorithms,” Journal of Advanced Transportation, vol. 2020, pp. 1–9, 2020.