Beruflich Dokumente
Kultur Dokumente
ABSTRACT
Spyware belongs to a group of software known as malware, or
pestware. It sends information to another destination on the Internet from a computer without the user's explicit consent and knowledge Spyware is a growing problem on the desktops of American Standard users. Most spyware comes bundled with peer-to-peer file-sharing programs, such as iMesh,Bear Share and Kazaa.
Introduction
Definition : A general term for a program that surreptitiously monitors your actions. While they are sometimes sinister, like a remote control program used by a hacker, software companies have been known to use Spyware to gather data about customers. The practice is generally frowned upon.
Software Examples
GAIN / Gator Gator E-Wallet Cydoor BonziBuddy MySearch Toolbar DownloadWare BrowserAid Dogpile Toolbar
EXISTING SYSTEM :
Push Advertising Pull Tracking Personal data
Symptoms
Targeted Pop-ups Slow Connection
Program Customisation
Summary of Effects
Collection of data from your computer without consent Execution of code without consent Assignment of a unique code to identify you Collection of data pertaining to your habitual use Installation on your computer without your consent Inability to remove the software Performing other undesirable tasks without consent
Certificate asking
verification
Disadvantages
Browsing profiles created for users without consent
Used for target marketing and statistical analysis
Vulnerable Systems
Those with an internet connection! Microsoft Windows 9x/Me/NT/2000/XP Does not affect Open Source OSs Non - fire-walled systems Internet Explorer, executes ActiveX plug-ins
Proposed System
Spyware is constantly growing and evolving. From simple software for promoting ads, it has now grown into a serious security threat with financial motives behind it. A study by the Tel Aviv based Aladdin . Knowledge Systems in 2005 found that as much as 70 percent of the new virus and worm code also contained spyware components [3]. With time we will see, more and more such integration of spyware with viruses and worms. Spybot W32 is a prototype of such kind of future virus/worm/spyware. Coming together of spyware and virus authors is perhaps the most troublesome aspect of future for the antispyware industry. Recently, a virus was in circulation which could disable Zone Alarm so that the spyware can carry on doing their stuff without getting interrupted. New age spyware like the CoolWebSearch browser hijacker employ the update feature in much the same way as antispyware do
Mutating spyware is going to be the spyware of the future. Although behavior based detection technique are able to catch them but these techniques are not perfect and generate too many false positives and negatives . Eventually they require human intervention to take a decision. If the computer user is not aware and knowledgeable these spyware can work unnoticed. We have seen how prolific spywares growth has been in recent years. This becomes even more astonishing if we consider that there is no spyware toolkit, like viruses. A spyware author therefore has to be a technically capable person. What will happen if such a toolkit is developed and there is no reason to believe it wont be? Any person with malicious intent and with no or little technical expertise will be able to write a spyware.
Spyware Defence
User Initiatives
Issue Awareness Use Legitimate S/W Sources Improved Technical Ability Choice of Browser Choice of OS Legal action taken against breaches of privacy Oct 02 Doubleclick
Technical Initiatives...
Spyware Removal Programs Pop-up Blockers Firewall Technology Disable ActiveX Controls Not Sandboxed E-Mail Filters Download Patches
Spyware Removers
Ad-aware (by Lavasoft)
Reverse Engineer Spyware Scans Memory, Registry and Hard Drive for
Data Mining components Aggressive advertising components Tracking components
CONCLUSION
As we saw from the statistics in the beginning of this report, spyware is growing tremendously and it is affecting enterprises and personal usage alike. One alarming aspect of this is that the worst is yet to come. Continuing the discussion at the end of the previous section, we are about to see a spyware boom and the need to be protected against it is now becoming a necessity. To mitigate the threat that spyware poses it needs to be attacked from as many fronts as possible at the same time
FUTURE SCOPE
The third and final part of the solution is the technical side of it. Recent advances in antispyware technologies are certainly helping to protect people against spyware. The focus is now shifting to proactive measures which detect and prevent spyware installation rather than the reactive measures for detection and removal after they have been installed. Real time protection, EULA analyzers and interest based detection are a few of those technologies which detect spyware before they start working and do not wait until they are done. A number of people in the academia and the industry have spotted the potential danger and a number of researchers are directing their attention towards this area of the malware industry.
The emergence of companies like Microsoft, McAfee and Norton in the antispyware business is a harbinger of better things to come to the
attacked from all sides possible to prevent it from owning the internet and
everybody will have to do their bit. Aware internet users, stringent laws and advanced antispyware technologies are the answer to this growing threat.
Bibliography / Links
[1] "Spyware" Definition - BlackICE Internet Security Systems - http://blackice.iss.net/glossary.php [2] "Trojan Horse" Definition Texas State Library and Archives Commission - http://www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html [3] Zeinalipour-Yazti, D. Exploiting the Security Weaknesses of the Gnutella Protocol, University of California. [4] Joshi, R. Network Security Applications, Merchantile Communications, CANIT Conference 2003. [5] CERT Advisory CA-1999-02 http://www.cert.org/advisories/CA-1999-02.html [6] Spyware Guide http://www.spyware-guide.com [7] Trojan Horses - http://www.mpsmits.com/highlights/trojan_horses.shtml [8] Trojan Horse - Back Orifice - http://www.nwinternet.com/~pchelp/bo/bo.html [9] NetBus - http://www.nwinternet.com/~pchelp/nb/netbus.htm [10] BBC News - http://news.bbc.co.uk/1/hi/technology/3153229.stm [11] Wired News Judge takes bite out of Gator www.wired.com/news/politics/0,1283,53875,00.html [12] Tracking Cookies Demonstration at http://www.irt.org/instant/chapter10/tracker/index4.htm [13] BonziBuddy - http://www.bonzi.com/bonzibuddy/bonzibuddyfreehom.asp [14] Unwanted Links (Spyware) http://www.unwantedlinks.com [15] Andersen, R. "Security Engineering", First Edition, J. Wiley and Sons, 2001. [16] Scacchi, W. Privacy and Other Social Issues, Addison-Wesley, 2003. http://www.ics.uci.edu/~wscacchi/Tech-EC/Security+Privacy/Privacy.ppt