The document provides an overview of various types of malware, including viruses, worms, trojans, and ransomware, along with their functions and methods of infection. It also discusses techniques for malware analysis and the importance of antivirus software in preventing and mitigating malware threats. Additionally, the document covers operating system hardening, memory management, and task management related to cybersecurity.

1. Cyber Security [105713] – Notes
Module 5
Malware: Explanation of Malware, Types of Malwares: Virus, Worms, Trojans, Rootkits, Robots,
Adware’s, Spywares, Ransom wares, Zombies etc., OS Hardening (Process Management, Memory
Management, Task Management, Windows Registry/ services
another configuration), Malware Analysis.
Open Source/ Free/ Trial Tools: Antivirus Protection, Anti Spywares, System tuning tools, Anti Phishing.
Malware is intrusive software that is designed to damage and destroy computers and
computer systems. Malware is a contraction for “malicious software.” Examples of
common malware includes viruses, worms, Trojan viruses, spyware, adware, and
ransomware.
Malware is a program designed to gain access to computer systems, normally for the
benefit of some third party, without the user’s permission. Malware includes computer
viruses, worms, Trojan horses, ransomware, spyware and other malicious programs.
Malware is a software that gets into the system without user consent with an intention to
steal private and confidential data of the user that includes bank details and password.
They also generates annoying pop up ads and makes changes in system settings.
They get into the system through various means:
Along with free downloads.
Clicking on suspicious link.
Opening mails from malicious source.
Visiting malicious websites.
Not installing an updated version of antivirus in the system.
Types of Malware:
Viruses
A Virus is a malicious executable code attached to another executable file. Thevirus spreads
when an infected file is passed from system to system. Viruses can be harmless or they
can modify or delete data. Opening a file can trigger a virus. Once a program virus is active,
it will infect other programs on the computer.
Worms
Worms replicate themselves on the system, attaching themselves to different files and
looking for pathways between computers, such as computernetwork thatshares common
file storage areas. Worms usually slow down networks. A virus needs a host program to
run but worms can run by themselves. After a worm affects a host, it is able to spread
very quickly over the network.
Explanation of Malware

2. Spyware
Its purpose is to steal private information from a computer system for a third party.
Spyware collects information and sends it to the hacker.
Trojan horse
A Trojan horse is malware that carries out malicious operations under the appearance of
a desired operation such as playing an online game. A Trojan horse varies from a virus
because the Trojan binds itself to non- executable files, such as image files, audio files.
Logic Bombs
A logic bomb is a malicious program that uses a trigger to activate the malicious code. The
logic bomb remains non-functioning until that trigger event happens. Once triggered, a
logic bomb implements a malicious code that causes harm to a computer. Cybersecurity
specialists recently discovered logic bombs that attack and destroy the hardware
components in a workstation or server including the cooling fans, hard drives, and power
supplies. The logic bomb overdrives these devices until they overheat or fail.
Ransomware
Ransomware grasps a computer system or the data it contains until the victim makes a
payment. Ransomware encrypts data in the computer with a key which is unknown to the
user. The user has to pay a ransom (price) to the criminals to retrieve data. Once the amount
is paid the victim can resume using his/her system.
Backdoors
A backdoor bypasses the usual authentication used to access a system. The purpose of
the backdoor is to grant the cyber criminals future access to the system even if the
organization fixes the original vulnerability used to attack the system.
Rootkits
A rootkit modifies the OS to make a backdoor. Attackers then use the backdoor to access
the computer distantly. Most rootkits take advantage of software vulnerabilities to modify
system files.
Keyloggers
Keylogger records everything the user types on his/her computer system to obtain
passwords and other sensitive information and send them to the source of the keylogging
program.
Adware
Adware is malicious software used to collect data on your computer usage and provide
appropriate advertisements to you. While adware is not always dangerous, in some cases
adware can cause issues for your system. Adware can redirect your browser to unsafe
sites, and it can even contain Trojan horses and spyware. Additionally, significant levels
of adware can slow down your system noticeably. Because not all adware is malicious,
it is important to have protection that constantly and intelligently scans these programs.

3. Malware Analysis is the study or process of determining the functionality, origin and
potential impact of a given malware sample and extracting as much information from it.
The information that is extracted helps to understand the functionality and scope of
malware, how the system was infected and how to defend against similar attacks in future.
Objectives:
To understand the type of malware and its functionality.
Determine how the system was infected by malware and define if it was a targeted attack
or a phishing attack.
How malware communicates with attacker.
Future detection of malware and generating signatures.
Types of Malware Analysis:
Static analysis –
It is a process of analyzing the malware without executing or running it. This analysis is used
to extract as much metadata from malware as possible like P.E headers strings etc.
Dynamic analysis –
It is process of executing malware and analyzing its functionality and behavior. This
analysis helps to know what malware does during its execution using debugger.
Code analysis –
It is a process of analyzing/reverse engineering assembly code. It is combination of both
static and dynamic analysis.
Behavioral analysis –
It is the process of analyzing and monitoring the malware after execution. It involves
monitoring the processes, registry entries and network monitoring to determine the
workings of the malware.
AntivirusSoftware
Antivirus software is a program(s) that is created to search, detect, prevent and remove
software viruses from your system that can harm your system. Other harmful software
such as worms, adware, and other threats can also be detected and removed via
MalwareAnalysis
Open Source/ Free/ Trial Tools: Antivirus Protection, Anti Spywares, System
tuning tools, Anti Phishing.

4. antivirus. This software is designed to be used as a proactive approach to cyber security,
preventing threats from entering your computer and causing issues. Most antivirus
software operates in the background once installed, providing real-time protection
against virus attacks.
How Antivirus Works:
Antivirus software works by comparing your computer applications and files to a
database of known malware kinds. Because hackers are continually creating and
disseminating new viruses, it will also check systems for the presence of new or
undiscovered malware threats. The antivirus checksfiles, programs, and applications going
in and out of your computer to its database to identify matches. Similar and identical
matches to the database are segregated, scanned, and eliminated.
Most programs will employ three types of detection devices:
Specific detection, which looks for known parts or types of malware or patterns that
are linked by a common codebase
Generic detection is a type of detection that looks for known parts or types of malware or
patterns that are related to a common codebase.
Heuristic detection is a type of virus detection that looks for unknown infections by
spotting suspicious file structures.
Examples of Antivirus:
The antivirus software is available in 2 types:
Free: Free anti-virus software provides basic virus protection
Paid: commercial anti-virus software provides more
extensive protection. The following are some
commonly used antivirus software:
Bitdefender: Bitdefender Total Security is a comprehensive security suite that protects
against viruses and dangerous malware of all varieties. This user-friendly antivirus
software is compatible with all four major operating systems and smart homes, and it
also includes a free VPN with a daily limit of 200MB, parental controls, camera protection,
a password manager, etc. This security suite is reasonably priced and will protect up to five
devices 24 hours a day, seven days a week.
AVAST: This is a free antivirus available. All you have to do to obtain top-notch protection
on your computer, emails, downloads, and instant messages in the free version is register
(for free) once a year. It includes a sophisticated heuristics engine that enables it to detect
viruses.

5. Panda: It can detect viruses, trojans, spyware, adware, worms, and malware at the same
level as other antiviruses do. It is different from others because using this software,
when you scan your computer, it doesn’t consume any of your computer’s resources;
instead, it runs in the cloud, allowing your machine to continue to function normally.
Anti Phishing
Let us discuss the utility of some of these anti-phishing tools.
Bitdefender Antivirus Free Edition
Avast Antivirus
Avira Free Security Suite
Bitdefender Antivirus Free Edition
Bitdefender Antivirus Free Edition is one of the best anti-phishing software free editions
that do their job silently. It is so silent that it does not even ask you any questions when
you install it on your enterprise network. It believes in letting its work do the talking.
Features Of Bitdefender
It keeps a strict watch on misbehaving apps to prevent them from creating any mischief.
It scans all the links on a website to identify the malicious ones and ensures that these
links do not infiltrate into your systems.
Being among the best anti-phishing tools, it can detect threats never encountered before,
thanks to its proactive malware scanning feature.
The best aspect of Bitdefender is that it ensures boot scanning every
time you start the PC. Pros
A free edition is available.
It is user-friendly.
This anti-phishing solution has a simple user interface.
Installing the software is easy
and convenient. Cons
Some of the bonus tools are elementary.
Better clean-up of ransomware is preferred.
Avast Antivirus
Of all the anti-phishing software solutions, Avast Antivirus is the most comprehensive and
the best anti-phishing tool free download option.
Features Of Avast
Anyone who has used computers should be aware of Avast Antivirus. It has a reputation
for providing free anti- virus software. The anti-virus software comes bundled with an
anti-malware feature to spot rogue programs depending on their behavioral patterns.
Avast Antivirus has an advantage over other similar products because it is also available for

6. mobile devices. After all, one of the most accessible avenues for phishing attacks is the
mobile route.
Apart from providing routine anti-virus protection, Avast can fine-tune your PC and make it
run better. It can also ensure file shredding to eliminate viruses and malware from your
enterprise networks.
Pros
Avast has a fantastic record of malware detection.
It has excellent anti-malware and anti-phishing software.
Regular upgrades are released.
A free version is
available. Cons
Avast has limited password manager features.
The earlier editions of Avast were not very efficient in anti-phishing technique.
Sharing data with others is still risky.
Avira Free Security Suite
Avira is also a popular name when you are on the lookout for anti-phishing tools. It is
one of the best anti-phishing software free editions available online.
Features Of Avira
Apart from providing antivirus and anti-phishing protection, Avira is also a software
updater.
This software scans your network and helps fix the vulnerabilities.
Avira also includes a free VPN for up to 500MB per month. It also comes with privacy
settings and a password manager.
The best feature of Avira is that you can choose the options that you want to install.
Upgrades are available from time to time.
The free version of Avira is short of a few options, but the paid/premium packages have
facilities that can optimize the systems and speed up the PCs connected to it.
Pros
Avira is a free software solution, though premium options are available.
Software updater and PC optimizer features are available in
the premium option. Cons
Since it is a free software solution, one can encounter pop-up ads. It not only affects
computer speeds but is also an annoying feature.
It is a type of system hardening. It involves patching and applying advanced system
security procedures to secure the server's OS. Automatically installing updates, patches,
and service packs are some of the most effective methods to harden the OS.
Operating system hardening

7. An OS hardening is similar to application hardening in that the OS is a type of software.
Operating system hardening provides basic software that grants those applications
access to specific activities on your server.
Operating system developers frequently perform a good job of issuing OS updates and
encouraging users to install them on Microsoft, Linux, and iOS. These frequent updates
can help to keep your system secure and resilient to cyber-attacks.
Hardening an operating system usually includes:
Following security practices and making sure your configuration is secure.
Additional security measures are implemented, including endpoint protection systems,
firewalls, and OS security extensions like AppArmor for Linux.
Patches and service packs are automatically applied to the operating system.
It removes the unnecessary drivers.
It limits and authenticates system access permissions.
It encrypts the SSD or HDD that stores and hosts the OS.
MemoryManagement
What do you mean by memory management?
Memory is the important part of the computer that is used to store the data. Its
management is critical to the computer system because the amount of main memory
available in a computer system is very limited. At any time, many processes are competing
for it. Moreover, to increase performance, several processes are executed simultaneously.
For this, we must keep several processes in the main memory, so it is even more important
to manage them effectively.
Memory management Techniques:

8. The Memory management Techniques can be classified into following main
categories:
Contiguous memory management schemes
Non-Contiguous memory management schemes
Task Management
Task management is the process of monitoring your project's tasks through their various
stages from start to finish. This involves actively making decisions for your tasks to
accommodate changes that can occur real-time, with your end goal being the successful
completion of your tasks.
Task management is the process of managing an individual task from conception to
closing. A task needn't necessarily have any goal or even specific deadlines. A group of
tasks together contribute towards the execution of a project. Therefore, task management
is inherently a function of project management.