Journal: Volume 29, No. 3, 2024
Pages: 10 – 20
DOI: https://doi.org/10.62660/bcstu/3.2024.10

Malware development: From early viruses to modern cyber threats

Denys Kovalchuk
Received 25.05.2024
Revised 10.08.2024
Accepted 21.10.2024

Abstract

Malware is one of the biggest threats in the digital environment, as it is constantly evolving and becoming more dangerous. The purpose of this study was to analyse the evolution of malicious software. Historical, comparative and empirical analysis and an assessment of existing security technologies were used to achieve this goal. The main findings revealed several key stages in the development of malicious software. Historical analysis has shown that the evolution of malware has gone through several significant stages, from simple viruses and worms to complex threats such as ransomware and spyware. These changes were driven by technological advances and increased attack capabilities, which allowed malicious software to use new vectors of influence and deception methods. A comparative analysis of modern cyber threats revealed the key characteristics and differences between types of malware, including their specific distribution methods and vulnerabilities. It was found that new threats have a more complex architecture and use more innovative tactics, which significantly complicates their detection and neutralisation. An empirical analysis involving the use of threat detection tools provided specific data on malware behaviour in action. A review and testing of modern security methods, including antivirus solutions, intrusion detection systems, and firewalls, showed their strengths and weaknesses, as well as their effectiveness in detecting and preventing new threats. The results of the study highlighted the need for continuous improvement of protection methods, which is critical for effective control of modern cyber threats.

Keywords

Suggested citation

Kovalchuk, D. (2024). Malware development: From early viruses to modern cyber threats. Bulletin of Cherkasy State Technological University, 29(3), 10-20. https://doi.org/10.62660/bcstu/3.2024.10