The problem of malicious code is real. Such code can enter an organization's networks and systems and corrupt them. The Windows-based systems that most organizations rely on are the ones most threatened by this malicious code, which ranges from Trojan horses, viruses, and worms to user-level and kernel-level rootkits and other mobile malicious code. Numerous techniques and tools are available to deal with it, ranging from antivirus software to internet content scanners and intrusion detection systems. Above all, an organization needs a response plan for these threats, covering the deployment of these security and protection tools together with monitoring and incident response. Threats on Windows systems can also be addressed through proper forensic and investigative techniques, which range from malware incident response to memory forensics and post-mortem forensics. Such forensics also carries legal considerations and requires file identification and profiling. Hence, investigative analysis and forensics is one important way to contain these threats, in addition to the deployment of other security management tools.
Introduction
Malicious code is highly damaging to the computing environment. It can affect systems running Windows as well as other networking and hardware components, and it is also harmful to other devices connected to those systems. It is typically an unwanted piece of code embedded in a system for the purpose of breaching security, damaging the system, or producing undesired effects. It compromises the security of applications and is not countered by traditional anti-virus software. The term covers a wide variety of threats, including attack scripts, worms, backdoors, viruses, Trojan horses, and malicious active content.
It can take different forms, including Java applets, scripting languages, pushed content, ActiveX controls, and browser plug-ins. Once inside a system, it reaches network drives and spreads throughout the organization. It can also overload network and mail servers, delete document files, email files, and passwords, steal data and passwords, and reformat hard drives (Glynn, 2012).
Dealing with Malicious Code
There are different types of malicious code, and different ways to deal with each. A worm spreads across the network, is self-replicating, and requires no human intervention to spread. Malicious mobile code consists of lightweight programs that are downloaded from remote servers and executed on local machines with minimal human intervention; these are usually written in JavaScript, Java, VBScript, or ActiveX. Backdoors, likewise, bypass security protections to give the attacker unauthorized access.
Other kinds of malicious code include Trojan horses, which masquerade as useful programs but carry hidden malicious code. Similarly, user-level rootkits modify or replace the executable programs used by users and administrators. Additionally, a kernel-level rootkit modifies the kernel, which is ...