.

Monday, August 5, 2019

Impact of Spyware on Computers and Mobile Devices

Impact of Spyware on Computers and Mobile Devices 1.0 INTRODUCTION 1.1 PROJECT OUTLINE The title of the project chosen by the author is â€Å"Study on the impact of spyware on computers and mobile devices† which simply means that the author analyzes the impact of spyware through an empirical study. The study focuses on the factors that influence the spyware growth which in turn increases its level of impact on computers and mobile devices. Computers and mobile devices are widely used; they are used to access the internet, while everyone wants to acquire the internet in todays world. While technology advances, so are the criminal activities on the technology. When talking about computer crime, the first thing that comes to mind is spyware. Spyware is so big of a crime that millions of dollars are lost annually due to it. Hackers use spyware to still private information from the users like credit card information and so on. Although spyware has been here for a long time, it is computer crime with no legal consequence. Users have little or no knowledge about what spyware is and it can do to them and their machines (computers and mobile devises). Even though virus has been around longer than spyware, but spyware is beginning to make its mark with computer security breaches. Spyware can collect personal data from a users computer. If not taken care of spyware can cause delayed processing of many of your applications. Below are the brief descriptions of each chapter: Chapter one: Introduction This chapter provides a brief overview of the project. It provides the reader with the background information about spyware and the problem statement. The research questions, limitations and methodology are also discussed in this chapter. Chapter two: Literature Review This chapter mainly deals with the pertinent literature of the impact of spyware and discussion on the various types of spyware effect and the comparison between the mobile spyware and the computer spyware. Lastly, the chapter will also discuss about the factors enhancing spyware growth. Chapter three: Research Framework and Hypotheses Development This chapter discus the author is going to propose the research framework/model and hypotheses to explore the users perception about privacy, self efficiency, security, legal framework, spyware knowledge and self-efficiency, trust and cost. Chapter four: Research Methodology This chapter will describe the research design that is used during the research. The chapter will discuss the overall research process. The chapter will also include information on data collection, sampling plan and questionnaire development. Chapter five: Data Analysis and Findings This chapter will outline the data collected through questionnaire and interviews by making use of the appropriate software and analysis of the study. The chapter will also provide discussion of the research findings. Chapter six: Conclusion and Recommendation This chapter will discuss about the result of the previous chapter the contribution of the study to the body knowledge. Conclusion along with future enhancement will also be discussed in the chapter. This chapter concludes the research. 1.2 INTRODUCTION This chapter is meant to give the user/reader helpful idea and an insight to the whole research. Most readers will like to get a grasp of the main ideas of a research paper before actually proceeding to read the whole research. This chapter clearly states the primary objective of the research and the main problem which is been researched. The backgrounds and nature of the study are also highlight the purpose of the research. Several books and journals have been read by the author to have foundation knowledge on the concept of spyware. Spyware is a significant problem to most computer users today. The term â€Å"spyware† describes a new class of computer software. This software tracks users activities online or offline, provides targeted advertising, and engage in other types of activities that the user does not desire or the user may describe as invasive to them. Analysis suggests that these types of programs may reside on up to 90 percent (%) of all the computers connected to the internet. (EarthLink 2005) Frequently, programs bundle spyware with freeware or shareware, though it can also arrive via email, instant messages or web downloads. While the magnitude of the spyware problem is well documented, even do recent studies have had only limited success in explaining the broad range of user behaviors that contribute to the proliferation of spyware. Unlike viruses and other malicious code, users themselves often have a choice whether they want to install these programs. Anecdotal evidence suggests, and our study confirms, that some users are willing to install spyware when the desired application is of perceived high utility and a comparable product without spyware is not available or known to the user (Michelle Delio 2004). Our goals in this study are to understand the factors and users decision making process in installing spyware. During installation, users are presented with notices such as software agreements, terms of service (TOS), end user licensing agreements (EULA), and security warnings. Based on information in these notices, users should, in theory, be able to make a decision about whether to install the software and evaluate the potential consequences of that decision. However, there is a general perception that these notices are ineffective and users often dont even read the software agreement, terms of service, end user licensing or security warnings. One software provider included a $1000 cash prize offer in the EULA that was displayed during each software installation, yet the prize was only claimed after 4 months and 3,000 downloads of the software (PC PitStop 2005). 1.3 BACKGROUND STUDY Spyware has existed at least since the late 1980s when some Keyloggers where discovered in some university computers. â€Å"The word spyware was first used in publicly in October 1995. It popped up on Usenet (a distributed Internet discussion system in which users post e-mail like messages) in an article aimed at Microsofts business model.† (Shanmuga 2005) Over the years, there has been a steady growth in the use of spyware by online attackers and criminals to execute crime against individual, companies and organisations. In the span of just few years, spyware has become the internets most popular download. During the years, the anti-spyware was developed to tackle this problem. The anti-spyware was meant to find, detect and remove the spyware. But even with the development of anti-spyware, spyware still continues to grow every day. One of the factors that aid this growth is the lack of standard definition of spyware. Jerry Berman, President of the Center for Democracy and Technology (CDT), explained in testimony to the Subcommittee on Communications of the Senate Commerce, Science, and Transportation Committee in March 2004 that â€Å"The term has been applied to software ranging from keystroke loggers that capture every key typed on a particular computer; to advertising applications that track users web browsing; to programs that hijack users system settings.† (CDT 2004) He noted that what these various types of software programs â€Å"have in common is a lack of transparency and an absence of respect for users ability to control their own computers and Internet connections.† (CDT 2004) Different anti-spyware companies and organizations use different definition which makes even difficult for the users of computers and mobile dont even know what spyware is, as such how can they know the threat of it and the harm it those to their devices 1.4 PROBLEM STATEMENT The problem statement of this research study â€Å"is the hypothesized factors influence and positive affect the users attitude towards spyware?† Even do spyware has been here for over two decades, it still does not have a standard definition. This makes it harder for users to understand what spyware is and how it affects their system, and how deep is the level of impact. (Norbert 2007) Past studies have been done to study the development of spyware and its growth, how it affects the businesses, privacy and other personal informations of the users, and disrupts the performance of the users machine, and the factors that influence the growth. While the magnitude of the spyware problem is well documented, even do these studies have had only limited success in explaining the broad range of user behaviors that contribute to the proliferation of spyware. Unlike virus and other malicious codes, users often have the choice to whether they want to install this spyware or not. While other users install it with other programs without knowing. This situation often arises as a result of users not reading the software agreement, term of service or the end user licensing agreements. Nonetheless, only very few studies focus specifically on the level of spyware impact on computers and mobile devices, and most of them were carried out in the United States of America USA. Addressing this problem is a very big issue, because users dont want to spend two to five minutes of their time to read the terms of service. The software producers often put in a lot of information in the terms of service there by making the user not read because it is too lengthy. 1.5 RESEARCH QUESTIONS With reference to the Problem statement, the author suggested the following questions: What are the factors influencing spyware growth among users? What are the theoretical models used and extended in previous studies of spyware? What are the significant factors influencing the research? What are the users reactions towards spyware? How will the research result affect impact of spyware on computers and mobile devices? 1.6 RESEARCH OBJECTIVES With reference to the research questions, the author developed the following research objectives for the study: To identify the factors influencing spyware growth among users. To study and discuss the theoretical models used and extended in previous studies of spyware. To examine the hypotheses and experimental validating the research model. To better understand the users reaction towards spyware. To discuss the empirical result and the suggestion to promote and reduce the growth of spyware. 1.7 NATURE OF STUDY The author is studying about the impact of spyware in both mobile devices and computers, and the he generates some questionnaires which he will use to gather information from the general public and organisations. This study was design in such a way that the author and other practitioners will answer questions based on their perspective view. The conceptual model was based on extensive literature review of various theoretical models that is aligned with the technological, network, economical, business and some other dimension. The conceptual model is then converted into research model for validation and testing using data collected from the general public and some network specialist. 1.8 SIGNIFICANCE OF STUDY This study presents two main implications, the theoretical contribution and the practical contribution. The developed model in this study consists of six constructs; they are spyware knowledge, perceived privacy control, security effect, self efficiency, legal framework, and trustworthiness and trust in vendors. This model is tested empirically to explain what will lead the users to take technical defensive measures. In practical contribution, the result of this study will also benefit the software vendors, the users of computers and mobile devices and any other institution will be able to apply the key factors obtained from this research to meet their institutional, organizational or personal needs. This study will benefit in term of providing the users point of view and it will also contribute to administration decisions as the finding of the research help direct them to the area of focus. The findings will make the contribution in term of creating an understanding on the factors that will influence spyware growth and its level of impact. 1.9 METHODOLOGY OVERVIEW This research is design in such a way that it was divided in two adopted steps. The steps are the pre-test study and the main study. The pre-test study was the study that was done in the early stages of the research. This involves the literature reviewing of type of spyware, impact of spyware, how spyware affects the machine and so on. The pre-test was conducted to gain a greater understanding about spyware. The pre-test study helps in understanding the topic there by producing the main research questions. The main study will be conducted based on a survey, a questionnaires and interview conducted among users, corporations and some top school in Malaysia. The questionnaire will be use to collect data on some of the identified problems. The collected data will then be analyzed using the appropriate statistic tools. 1.10 CONCLUSION In conclusion, this chapter introduces the research to the reader by bringing out the background of spyware, the primary objective of the research, also stating the main questions of the research. It also discusses the methodology in summary. In short, this chapter will provides the reader will hopeful idea about the research. The following chapters will further provide the literature review on the impact of spyware in our machines and devices. 2.0 LITERATURE REVIEW 2.1 INTRODUCTION This chapter will provide an in-depth detail on spyware as well as the types of spyware. The chapter will also bring out all the possible definitions of spyware, the overview of spyware. The chapter will bring out the possible ways in which spyware operates and it will talk a little about the target victims of the spyware. The chapter will also analyze the infection methods of spyware and so on. 2.2 DEFINITION It is not easy to bring out a standard definition on spyware, which makes it much harder to understand. But the author will bring out all the definitions he can find and also propose/bring his own definition based on his understanding of the spyware. In the definition of spyware, two particular issues must be included for the definition to be complete. But research shows that users only stick to either one of the two when defining spyware. This two issues are always been contested by the users. The two particular issues contested are the range of software behaviour and the degree of user consent that is desirable. Firstly, some users prefer the narrow definition which focuses on the monitoring (Surveillance) aspects of spyware and its ability to steal, communicate and store information about users and their behavior. Others prefer the broad definition that includes adware, toolbars, search tools, hijackers and dialers. Definitions for spyware also include hacker tools for remote access and administration, key logging and cracking passwords. Second, there is limited agreement on the lawfulnessof spyware that engages in behavior such as targeting advertisements, installing programs on user machines and collecting click stream data. Users consider a wide range of programs that present spyware-like functionality unacceptable. To complicate the definition, certain software behaviors are acceptable in some contexts but not others. Furthermore, there is concern over user notice and consentrequired during an installation process. The practice of bundlingsoftware, which merges spyware with unrelated programs, also heightens this concern. Jerry Berman, President of the Center for Democracy and Technology (CDT), explained in testimony to the Subcommittee on Communications of the Senate Commerce, Science, and Transportation Committee in March 2004 that â€Å"The term has been applied to software ranging from keystroke loggers that capture every key typed on a particular computer; to advertising applications that track users web browsing; to programs that hijack users system settings.† (CDT 2004) He noted that what these various types of software programs â€Å"have in common is a lack of transparency and an absence of respect for users ability to control their own computers and Internet connections.† (CDT 2004) The author will also like to propose his definition of spyware based on his understanding of the matter. Spyware is a program that is installed in the machine with or without the permission of the user, and it can monitor the activities of the user, steal valuable information from the user and send to a third party and disturb/regulate the functionality of the machine like speed, stability and internet access efficiency. 2.3 OVERVIEW 2.3.1 Types of spyware Basically any software that can be installed in the users machine which is used to obtains information from their computer or mobile device without their knowledge can be termed as a spyware. There are many types of spyware that are doing the rounds on the Internet, but in technical terms, you can classify them into two broad categories namely, Domestic Spyware and Commercial Spyware. (UpickReviews 2007) 2.3.1.1 Domestic spyware Domestic spyware is software that is usually purchased and installed by computer owners to monitor the Internet behaviour on their computer networks. Employers usually use this software to monitor employee online activities. Some family members use domestic spyware to monitor other family members, while parents and guardians often use this kind of software to monitor the activities of their children online. Some people use this kind of softwares to spy on their friends and girl friend. In America, many couples often install this kind of software on their partners mobile phone in other to monitor their call. This usually happens when one party thinks the other is cheating on them. A third party can also install domestic spyware without the knowledge of the computer owner on their machine or mobile device. Law enforcement officials have often used domestic spyware to monitor suspected criminal activity and criminals have used domestic spyware to siphon personal information from private computers in order to steal assets. (TopTenReviews 2003) Domestic spyware is one of the most common spyware used using mobile devices. This is done to monitor the activity of the target victim i.e calls and SMS. 2.3.1.2 Commercial spyware. These types of software systems are often used by third parties to monitor and record the browsing behaviour of the user. The main purpose of it is to monitor the online habits of the user and sell the gathered information to anyone who might be interested. It is often online businesses that buy the information and use it to hit the user with targeted advertising, i.e. advertisements that relate to your usual Internet browsing habits. Advertisers often use commercial spyware simply because it is far simpler, economical and faster than collecting information through legal means such as contests, questionnaires, registration surveys and the likes. It is also because information gathered by spyware is far more reliable because users often dont cooperate when it comes to filling questionnaire sincerely, while some may accept to do it but they will not give true information when it comes to their private things. Since it represents the users true browsing behaviour, the advertisers go for it. You may take your pick while filling out an online registration form, but you just cannot cheat a spyware because it simply monitors and records all your activities. In the past marketers had to bribe their way to learn the users preferences through contests, registration surveys and the like. Those methods of gaining the users personal information still exist, but in those cases you have the power to read the fine print to learn the fate of your data and so could choose to consent or refuse There are many types of spyware that are classified under commercial spyware. They are: Browser hijackers, adware, Malware, dialers, Trojans and viruses, Worms, etc. 2.3.1.2.1 Adware Adware is the most common type of spyware available. They are cookies which hide on your computer waiting for you to go online. The cookies often get into your computer through popup that you open. Once the adware detects that youre connected to the Internet it starts sending you popup, pop-over, pop-under ads, and some sort of advertisement for anything from airline tickets to porn site membership. Not only that but even information on your viewing habits is tracked and stored. This data is then sold on to marketing companies who will be sending you more junk email and popup ads. (Spam-site 2006) 2.3.1.2.2 Dealers Software that gets installed on your computer that has the ability to make phone calls from your computer, though a phone-connected modem, without your knowledge. These programs will connect to other computers, through your phone line, which are usually porn sites. These numbers are pay per minute call though, so you get charged for the amount of time your computer is connected to it. While dialers do not spy on users they are malevolent in nature because they can cause huge financial harm to their victims. It is mostly used by porn sites. They can also be classified as hijackers. ( Abrams 2009) 2.3.1.2.3 Malware Malware is malicious software designed specifically to damage users machine. But Malware is typically not self-replicating or designed for PC-to-PC distribution. (Pareto 2009) 2.3.1.2.3 Trojan Trojan is a program that contains hidden functionality, often posing as useful applications yet performing Spyware or Adware functions and facilitates unauthorized access to the users computer system. The term ‘Trojan horse was found from the mythical wooden horse that carried hidden Greek soldiers into Troy. (Pareto 2009) 2.3.1.2.4 Worm Worms are self-replicating, fast-spreading Internet threats that are more like viruses than Spyware. They differ from viruses in that they can replace entire files on the host computer. Both viruses and worms attempt to spread to as many computers as possible, using e-mail, the Internet, and file-sharing networks as methods of distribution. (Pareto 2009) 2.4 OPERATIONS OF SPYWARE The usual method for a spyware to operate is to run secretly in the background of the users computers (McCardle 2003). The reason behind this concealing of processes is commonly argued as that it would hardly be acceptable if, e.g., if free file-sharing software kept stopping to ask the user if they are ready to fetch a new banner or a pop-up window (Townsend 2003). Therefore, the client/server routine of spyware is normally executed in the background. In practice, there would be nothing wrong with spyware running in the background provided that the users know that it is happening, what data is being transmitted, and that they have agreed to the process as part of the conditions for obtaining the freeware. However, most users are unaware that they have software on their computers that tracks and reports information on their Internet usage to a third party. Typically, a spyware program secretly gathers user information and spreads it without the users knowledge of it. Once installed, the spyware monitors, e.g., user activity on the Internet and transmits that information in the background to third parties, such as advertising companies. In reality, spyware run constantly, even when their carrier program, e.g., a file-sharing tool, has been terminated. A more or less legal grey area is utilized by the spyware actors, since in most program licenses they specify that information may be gathered for corporate purposes. However, the usual model is to collect more information than they have asked for (Townsend 2003). Besides this, most license agreements are been formulated in such a way that the reader finds it extensively hard for users to understand. 2.5 SPYWARE INFECTION METHOD Spyware infects its victims through many different ways. The most common of these ways include drive-by download, P2P wrecks havoc, free software download, social engineering and vulnerability route. 2.5.1 Drive-by downloads This is a program that is automatically downloaded to users computer, often without the users knowledge. The download may be initiated when the user visits a website or by another application. Drive by downloads can also be initiated by Mouse Over downloads, requiring a user to run the mouse over a malicious Pop-up ad or malicious pop-up window. Another scenario is when the user visits a website that pops up a window with a message like in order to properly view this website you must install this program. The FTP / HTTP Get request will initiate the download of the software onto the client machine. Installation will be performed by the user and during this installation they will be asked permission to install the malware as well as the software. Internet Explorer uses ActiveX controls for installing legitimate plug-ins like Flash, to enhance the browsers functionality and provide interactive programs for Internet Explorer. When misused, it provides a means for installing spyware such as dialers, browser hijackers, and other types of malware. ActiveX programs can automatically download to a users computer, often without users knowledge. It can be invoked from web pages through the use of a scripting language or directly with an HTML OBJECT tag. On execution by a web browser, it has full access to the Windows operating system and does not run in a â€Å"sandbox. Depending on browser security settings, the browser application may display a security warning to either stop or continue the installation. The warning may not offer a proper description of the program, and usually is misleading or could be masked by other deceptive dialog boxes. Sometimes â€Å"No† is not taken for an answer, and repeated attempts are made to get the user to approve and download the application. ActiveX controls can be signed or unsigned. Signed ActiveX controls are automatically installed while browsing the web, and are used by spyware applications. A signed ActiveX control only verifies that the code or control was from the signer and that it has not been altered; however, it may still be malicious. (Shanmuga 2005) 2.5.2 P2P Wrecks Havoc Most of the spyware comes bundled with other popular programs that are that are free, also through most of the peer-to-peer networks like Kazaa, Bearshare, Limewire among others. They install malware in the machine as part of the P2P installation process. The P2P application may not function if these components are not installed. These â€Å"free† versions generate ad revenue for their publishers, causing pop-ups and sending information to affiliate networks for data aggregation or data mining. Applications such as Cydoor, New.net, TopText, SaveNow, Webhancer, VX2, CommonName, GetNet/ClearSearch, IncrediFind and OnFlow are of the few applications that are installed this way and may serve up ad banners and ad messages, or track your Internet surfing habits. Unfortunately, the makers of the host programs try not to advertise their programs hidden payloads. Reading the licensing agreement (carefully) during installation will often reveal embedded licenses for the piggybacking adware. (Shanmuga 2005) 2.5.3 Software free web download Some of the softwares that they claim is free in the internet, when you download and install them, at the same time you will be installing a secondary program. This secondary program is a spyware. It will monitor your activity and report to a third party or a central database. If the user notices the spyware and deletes it, but didnt delete the software, whenever the system online, the software will download the spyware application and install it again. This kind of infection often occurs when the use fails to read the license agreement. In other cases, the license agreement is twisted in such a way that the user will not understand it. (Shanmuga 2005) 2.5.4 Social engineering Sometimes when users browse the web, they may receive offers for corrective programs or special plug-ins that may be described as necessary for viewing the site. These voluntary but covert and unintentional installations are one source of spyware. Some of these offers are made to appear like a Windows alert from Microsoft or an anti-spyware application to tricks users into downloading and installing them. (Shanmuga 2005) 2.5.5 Security holes in internet explorer Another method of infection is by exploring the security holes in internet explorer. Internet Explorer has had multiple security vulnerabilities, some of which are disclosed by Microsoft with downloadable updates and patches. Some spyware applications take advantage of these holes and install Trojan droppers, which redirect the browser to portal sites. CoolWebSearch (one of the most notorious pests in recent times) and many other spyware are known to take advantage of Internet Explorer security holes. KeenValue, and InternetOptimizer are examples that use Trojan downloader. (Shanmuga 2005) 2.6 TARGET VICTIMS OF SPYWARE Spyware generally has no specific target victims, but in some cases it has specific victims. It attacks any and every one that falls into its trap. It usually hides in other programs or in some websites like porn website. Spyware is divided into two, domestic and commercial spyware. The victims of domestic spyware are specific, because domestic spyware is software that is usually purchased and installed by computer owners to monitor the Internet behaviour on their computer networks. Employers usually use this software to monitor employee online activities. Some family members use domestic spyware to monitor other family members, while parents and guardians often use this kind of software to monitor the activities of their children online. Some people use this kind of softwares to spy on their friends and girl friend. Others purchase this spyware to install in their partners mobile phone so as to monitor the call and SMS that they are making. Large companies and businesses are also among the most popular spyware targets. This often happen due to competition in the business or personal enmity, while sometimes is just for fun. In this kind of situation, malwares are often used. This is because malware is specifically design to damage the machine. The most popular victims of spyware are the general public. This is because spyware infects and still information about the general public and sends them to a third party who sells the information to advertising companies. More than 80% of general public that are using the internet have/had been affected by spyware one way or another. This shows that both mobile device users and computer users can be affected by spyware. 2.6.1 Mobile devices Not all mobile device users can be affected by spyware. There are categories of mobile devices that can be affected. This includes a blackberry, palmtop, iphone, and any other mobile device that has Bluetooth or can connect to the internet. This is because spyware has to be downloaded, transferred or installed from a source. 2.6.2 Computers All type of computers can be affected with spyware if they are online. Sometimes, the computer is not infected through the internet, but spyware needs the internet so as to establish connection with the third party. 2.7 IMPLICATIONS OF SPYWARE Spyware may Impact of Spyware on Computers and Mobile Devices Impact of Spyware on Computers and Mobile Devices 1.0 INTRODUCTION 1.1 PROJECT OUTLINE The title of the project chosen by the author is â€Å"Study on the impact of spyware on computers and mobile devices† which simply means that the author analyzes the impact of spyware through an empirical study. The study focuses on the factors that influence the spyware growth which in turn increases its level of impact on computers and mobile devices. Computers and mobile devices are widely used; they are used to access the internet, while everyone wants to acquire the internet in todays world. While technology advances, so are the criminal activities on the technology. When talking about computer crime, the first thing that comes to mind is spyware. Spyware is so big of a crime that millions of dollars are lost annually due to it. Hackers use spyware to still private information from the users like credit card information and so on. Although spyware has been here for a long time, it is computer crime with no legal consequence. Users have little or no knowledge about what spyware is and it can do to them and their machines (computers and mobile devises). Even though virus has been around longer than spyware, but spyware is beginning to make its mark with computer security breaches. Spyware can collect personal data from a users computer. If not taken care of spyware can cause delayed processing of many of your applications. Below are the brief descriptions of each chapter: Chapter one: Introduction This chapter provides a brief overview of the project. It provides the reader with the background information about spyware and the problem statement. The research questions, limitations and methodology are also discussed in this chapter. Chapter two: Literature Review This chapter mainly deals with the pertinent literature of the impact of spyware and discussion on the various types of spyware effect and the comparison between the mobile spyware and the computer spyware. Lastly, the chapter will also discuss about the factors enhancing spyware growth. Chapter three: Research Framework and Hypotheses Development This chapter discus the author is going to propose the research framework/model and hypotheses to explore the users perception about privacy, self efficiency, security, legal framework, spyware knowledge and self-efficiency, trust and cost. Chapter four: Research Methodology This chapter will describe the research design that is used during the research. The chapter will discuss the overall research process. The chapter will also include information on data collection, sampling plan and questionnaire development. Chapter five: Data Analysis and Findings This chapter will outline the data collected through questionnaire and interviews by making use of the appropriate software and analysis of the study. The chapter will also provide discussion of the research findings. Chapter six: Conclusion and Recommendation This chapter will discuss about the result of the previous chapter the contribution of the study to the body knowledge. Conclusion along with future enhancement will also be discussed in the chapter. This chapter concludes the research. 1.2 INTRODUCTION This chapter is meant to give the user/reader helpful idea and an insight to the whole research. Most readers will like to get a grasp of the main ideas of a research paper before actually proceeding to read the whole research. This chapter clearly states the primary objective of the research and the main problem which is been researched. The backgrounds and nature of the study are also highlight the purpose of the research. Several books and journals have been read by the author to have foundation knowledge on the concept of spyware. Spyware is a significant problem to most computer users today. The term â€Å"spyware† describes a new class of computer software. This software tracks users activities online or offline, provides targeted advertising, and engage in other types of activities that the user does not desire or the user may describe as invasive to them. Analysis suggests that these types of programs may reside on up to 90 percent (%) of all the computers connected to the internet. (EarthLink 2005) Frequently, programs bundle spyware with freeware or shareware, though it can also arrive via email, instant messages or web downloads. While the magnitude of the spyware problem is well documented, even do recent studies have had only limited success in explaining the broad range of user behaviors that contribute to the proliferation of spyware. Unlike viruses and other malicious code, users themselves often have a choice whether they want to install these programs. Anecdotal evidence suggests, and our study confirms, that some users are willing to install spyware when the desired application is of perceived high utility and a comparable product without spyware is not available or known to the user (Michelle Delio 2004). Our goals in this study are to understand the factors and users decision making process in installing spyware. During installation, users are presented with notices such as software agreements, terms of service (TOS), end user licensing agreements (EULA), and security warnings. Based on information in these notices, users should, in theory, be able to make a decision about whether to install the software and evaluate the potential consequences of that decision. However, there is a general perception that these notices are ineffective and users often dont even read the software agreement, terms of service, end user licensing or security warnings. One software provider included a $1000 cash prize offer in the EULA that was displayed during each software installation, yet the prize was only claimed after 4 months and 3,000 downloads of the software (PC PitStop 2005). 1.3 BACKGROUND STUDY Spyware has existed at least since the late 1980s when some Keyloggers where discovered in some university computers. â€Å"The word spyware was first used in publicly in October 1995. It popped up on Usenet (a distributed Internet discussion system in which users post e-mail like messages) in an article aimed at Microsofts business model.† (Shanmuga 2005) Over the years, there has been a steady growth in the use of spyware by online attackers and criminals to execute crime against individual, companies and organisations. In the span of just few years, spyware has become the internets most popular download. During the years, the anti-spyware was developed to tackle this problem. The anti-spyware was meant to find, detect and remove the spyware. But even with the development of anti-spyware, spyware still continues to grow every day. One of the factors that aid this growth is the lack of standard definition of spyware. Jerry Berman, President of the Center for Democracy and Technology (CDT), explained in testimony to the Subcommittee on Communications of the Senate Commerce, Science, and Transportation Committee in March 2004 that â€Å"The term has been applied to software ranging from keystroke loggers that capture every key typed on a particular computer; to advertising applications that track users web browsing; to programs that hijack users system settings.† (CDT 2004) He noted that what these various types of software programs â€Å"have in common is a lack of transparency and an absence of respect for users ability to control their own computers and Internet connections.† (CDT 2004) Different anti-spyware companies and organizations use different definition which makes even difficult for the users of computers and mobile dont even know what spyware is, as such how can they know the threat of it and the harm it those to their devices 1.4 PROBLEM STATEMENT The problem statement of this research study â€Å"is the hypothesized factors influence and positive affect the users attitude towards spyware?† Even do spyware has been here for over two decades, it still does not have a standard definition. This makes it harder for users to understand what spyware is and how it affects their system, and how deep is the level of impact. (Norbert 2007) Past studies have been done to study the development of spyware and its growth, how it affects the businesses, privacy and other personal informations of the users, and disrupts the performance of the users machine, and the factors that influence the growth. While the magnitude of the spyware problem is well documented, even do these studies have had only limited success in explaining the broad range of user behaviors that contribute to the proliferation of spyware. Unlike virus and other malicious codes, users often have the choice to whether they want to install this spyware or not. While other users install it with other programs without knowing. This situation often arises as a result of users not reading the software agreement, term of service or the end user licensing agreements. Nonetheless, only very few studies focus specifically on the level of spyware impact on computers and mobile devices, and most of them were carried out in the United States of America USA. Addressing this problem is a very big issue, because users dont want to spend two to five minutes of their time to read the terms of service. The software producers often put in a lot of information in the terms of service there by making the user not read because it is too lengthy. 1.5 RESEARCH QUESTIONS With reference to the Problem statement, the author suggested the following questions: What are the factors influencing spyware growth among users? What are the theoretical models used and extended in previous studies of spyware? What are the significant factors influencing the research? What are the users reactions towards spyware? How will the research result affect impact of spyware on computers and mobile devices? 1.6 RESEARCH OBJECTIVES With reference to the research questions, the author developed the following research objectives for the study: To identify the factors influencing spyware growth among users. To study and discuss the theoretical models used and extended in previous studies of spyware. To examine the hypotheses and experimental validating the research model. To better understand the users reaction towards spyware. To discuss the empirical result and the suggestion to promote and reduce the growth of spyware. 1.7 NATURE OF STUDY The author is studying about the impact of spyware in both mobile devices and computers, and the he generates some questionnaires which he will use to gather information from the general public and organisations. This study was design in such a way that the author and other practitioners will answer questions based on their perspective view. The conceptual model was based on extensive literature review of various theoretical models that is aligned with the technological, network, economical, business and some other dimension. The conceptual model is then converted into research model for validation and testing using data collected from the general public and some network specialist. 1.8 SIGNIFICANCE OF STUDY This study presents two main implications, the theoretical contribution and the practical contribution. The developed model in this study consists of six constructs; they are spyware knowledge, perceived privacy control, security effect, self efficiency, legal framework, and trustworthiness and trust in vendors. This model is tested empirically to explain what will lead the users to take technical defensive measures. In practical contribution, the result of this study will also benefit the software vendors, the users of computers and mobile devices and any other institution will be able to apply the key factors obtained from this research to meet their institutional, organizational or personal needs. This study will benefit in term of providing the users point of view and it will also contribute to administration decisions as the finding of the research help direct them to the area of focus. The findings will make the contribution in term of creating an understanding on the factors that will influence spyware growth and its level of impact. 1.9 METHODOLOGY OVERVIEW This research is design in such a way that it was divided in two adopted steps. The steps are the pre-test study and the main study. The pre-test study was the study that was done in the early stages of the research. This involves the literature reviewing of type of spyware, impact of spyware, how spyware affects the machine and so on. The pre-test was conducted to gain a greater understanding about spyware. The pre-test study helps in understanding the topic there by producing the main research questions. The main study will be conducted based on a survey, a questionnaires and interview conducted among users, corporations and some top school in Malaysia. The questionnaire will be use to collect data on some of the identified problems. The collected data will then be analyzed using the appropriate statistic tools. 1.10 CONCLUSION In conclusion, this chapter introduces the research to the reader by bringing out the background of spyware, the primary objective of the research, also stating the main questions of the research. It also discusses the methodology in summary. In short, this chapter will provides the reader will hopeful idea about the research. The following chapters will further provide the literature review on the impact of spyware in our machines and devices. 2.0 LITERATURE REVIEW 2.1 INTRODUCTION This chapter will provide an in-depth detail on spyware as well as the types of spyware. The chapter will also bring out all the possible definitions of spyware, the overview of spyware. The chapter will bring out the possible ways in which spyware operates and it will talk a little about the target victims of the spyware. The chapter will also analyze the infection methods of spyware and so on. 2.2 DEFINITION It is not easy to bring out a standard definition on spyware, which makes it much harder to understand. But the author will bring out all the definitions he can find and also propose/bring his own definition based on his understanding of the spyware. In the definition of spyware, two particular issues must be included for the definition to be complete. But research shows that users only stick to either one of the two when defining spyware. This two issues are always been contested by the users. The two particular issues contested are the range of software behaviour and the degree of user consent that is desirable. Firstly, some users prefer the narrow definition which focuses on the monitoring (Surveillance) aspects of spyware and its ability to steal, communicate and store information about users and their behavior. Others prefer the broad definition that includes adware, toolbars, search tools, hijackers and dialers. Definitions for spyware also include hacker tools for remote access and administration, key logging and cracking passwords. Second, there is limited agreement on the lawfulnessof spyware that engages in behavior such as targeting advertisements, installing programs on user machines and collecting click stream data. Users consider a wide range of programs that present spyware-like functionality unacceptable. To complicate the definition, certain software behaviors are acceptable in some contexts but not others. Furthermore, there is concern over user notice and consentrequired during an installation process. The practice of bundlingsoftware, which merges spyware with unrelated programs, also heightens this concern. Jerry Berman, President of the Center for Democracy and Technology (CDT), explained in testimony to the Subcommittee on Communications of the Senate Commerce, Science, and Transportation Committee in March 2004 that â€Å"The term has been applied to software ranging from keystroke loggers that capture every key typed on a particular computer; to advertising applications that track users web browsing; to programs that hijack users system settings.† (CDT 2004) He noted that what these various types of software programs â€Å"have in common is a lack of transparency and an absence of respect for users ability to control their own computers and Internet connections.† (CDT 2004) The author will also like to propose his definition of spyware based on his understanding of the matter. Spyware is a program that is installed in the machine with or without the permission of the user, and it can monitor the activities of the user, steal valuable information from the user and send to a third party and disturb/regulate the functionality of the machine like speed, stability and internet access efficiency. 2.3 OVERVIEW 2.3.1 Types of spyware Basically any software that can be installed in the users machine which is used to obtains information from their computer or mobile device without their knowledge can be termed as a spyware. There are many types of spyware that are doing the rounds on the Internet, but in technical terms, you can classify them into two broad categories namely, Domestic Spyware and Commercial Spyware. (UpickReviews 2007) 2.3.1.1 Domestic spyware Domestic spyware is software that is usually purchased and installed by computer owners to monitor the Internet behaviour on their computer networks. Employers usually use this software to monitor employee online activities. Some family members use domestic spyware to monitor other family members, while parents and guardians often use this kind of software to monitor the activities of their children online. Some people use this kind of softwares to spy on their friends and girl friend. In America, many couples often install this kind of software on their partners mobile phone in other to monitor their call. This usually happens when one party thinks the other is cheating on them. A third party can also install domestic spyware without the knowledge of the computer owner on their machine or mobile device. Law enforcement officials have often used domestic spyware to monitor suspected criminal activity and criminals have used domestic spyware to siphon personal information from private computers in order to steal assets. (TopTenReviews 2003) Domestic spyware is one of the most common spyware used using mobile devices. This is done to monitor the activity of the target victim i.e calls and SMS. 2.3.1.2 Commercial spyware. These types of software systems are often used by third parties to monitor and record the browsing behaviour of the user. The main purpose of it is to monitor the online habits of the user and sell the gathered information to anyone who might be interested. It is often online businesses that buy the information and use it to hit the user with targeted advertising, i.e. advertisements that relate to your usual Internet browsing habits. Advertisers often use commercial spyware simply because it is far simpler, economical and faster than collecting information through legal means such as contests, questionnaires, registration surveys and the likes. It is also because information gathered by spyware is far more reliable because users often dont cooperate when it comes to filling questionnaire sincerely, while some may accept to do it but they will not give true information when it comes to their private things. Since it represents the users true browsing behaviour, the advertisers go for it. You may take your pick while filling out an online registration form, but you just cannot cheat a spyware because it simply monitors and records all your activities. In the past marketers had to bribe their way to learn the users preferences through contests, registration surveys and the like. Those methods of gaining the users personal information still exist, but in those cases you have the power to read the fine print to learn the fate of your data and so could choose to consent or refuse There are many types of spyware that are classified under commercial spyware. They are: Browser hijackers, adware, Malware, dialers, Trojans and viruses, Worms, etc. 2.3.1.2.1 Adware Adware is the most common type of spyware available. They are cookies which hide on your computer waiting for you to go online. The cookies often get into your computer through popup that you open. Once the adware detects that youre connected to the Internet it starts sending you popup, pop-over, pop-under ads, and some sort of advertisement for anything from airline tickets to porn site membership. Not only that but even information on your viewing habits is tracked and stored. This data is then sold on to marketing companies who will be sending you more junk email and popup ads. (Spam-site 2006) 2.3.1.2.2 Dealers Software that gets installed on your computer that has the ability to make phone calls from your computer, though a phone-connected modem, without your knowledge. These programs will connect to other computers, through your phone line, which are usually porn sites. These numbers are pay per minute call though, so you get charged for the amount of time your computer is connected to it. While dialers do not spy on users they are malevolent in nature because they can cause huge financial harm to their victims. It is mostly used by porn sites. They can also be classified as hijackers. ( Abrams 2009) 2.3.1.2.3 Malware Malware is malicious software designed specifically to damage users machine. But Malware is typically not self-replicating or designed for PC-to-PC distribution. (Pareto 2009) 2.3.1.2.3 Trojan Trojan is a program that contains hidden functionality, often posing as useful applications yet performing Spyware or Adware functions and facilitates unauthorized access to the users computer system. The term ‘Trojan horse was found from the mythical wooden horse that carried hidden Greek soldiers into Troy. (Pareto 2009) 2.3.1.2.4 Worm Worms are self-replicating, fast-spreading Internet threats that are more like viruses than Spyware. They differ from viruses in that they can replace entire files on the host computer. Both viruses and worms attempt to spread to as many computers as possible, using e-mail, the Internet, and file-sharing networks as methods of distribution. (Pareto 2009) 2.4 OPERATIONS OF SPYWARE The usual method for a spyware to operate is to run secretly in the background of the users computers (McCardle 2003). The reason behind this concealing of processes is commonly argued as that it would hardly be acceptable if, e.g., if free file-sharing software kept stopping to ask the user if they are ready to fetch a new banner or a pop-up window (Townsend 2003). Therefore, the client/server routine of spyware is normally executed in the background. In practice, there would be nothing wrong with spyware running in the background provided that the users know that it is happening, what data is being transmitted, and that they have agreed to the process as part of the conditions for obtaining the freeware. However, most users are unaware that they have software on their computers that tracks and reports information on their Internet usage to a third party. Typically, a spyware program secretly gathers user information and spreads it without the users knowledge of it. Once installed, the spyware monitors, e.g., user activity on the Internet and transmits that information in the background to third parties, such as advertising companies. In reality, spyware run constantly, even when their carrier program, e.g., a file-sharing tool, has been terminated. A more or less legal grey area is utilized by the spyware actors, since in most program licenses they specify that information may be gathered for corporate purposes. However, the usual model is to collect more information than they have asked for (Townsend 2003). Besides this, most license agreements are been formulated in such a way that the reader finds it extensively hard for users to understand. 2.5 SPYWARE INFECTION METHOD Spyware infects its victims through many different ways. The most common of these ways include drive-by download, P2P wrecks havoc, free software download, social engineering and vulnerability route. 2.5.1 Drive-by downloads This is a program that is automatically downloaded to users computer, often without the users knowledge. The download may be initiated when the user visits a website or by another application. Drive by downloads can also be initiated by Mouse Over downloads, requiring a user to run the mouse over a malicious Pop-up ad or malicious pop-up window. Another scenario is when the user visits a website that pops up a window with a message like in order to properly view this website you must install this program. The FTP / HTTP Get request will initiate the download of the software onto the client machine. Installation will be performed by the user and during this installation they will be asked permission to install the malware as well as the software. Internet Explorer uses ActiveX controls for installing legitimate plug-ins like Flash, to enhance the browsers functionality and provide interactive programs for Internet Explorer. When misused, it provides a means for installing spyware such as dialers, browser hijackers, and other types of malware. ActiveX programs can automatically download to a users computer, often without users knowledge. It can be invoked from web pages through the use of a scripting language or directly with an HTML OBJECT tag. On execution by a web browser, it has full access to the Windows operating system and does not run in a â€Å"sandbox. Depending on browser security settings, the browser application may display a security warning to either stop or continue the installation. The warning may not offer a proper description of the program, and usually is misleading or could be masked by other deceptive dialog boxes. Sometimes â€Å"No† is not taken for an answer, and repeated attempts are made to get the user to approve and download the application. ActiveX controls can be signed or unsigned. Signed ActiveX controls are automatically installed while browsing the web, and are used by spyware applications. A signed ActiveX control only verifies that the code or control was from the signer and that it has not been altered; however, it may still be malicious. (Shanmuga 2005) 2.5.2 P2P Wrecks Havoc Most of the spyware comes bundled with other popular programs that are that are free, also through most of the peer-to-peer networks like Kazaa, Bearshare, Limewire among others. They install malware in the machine as part of the P2P installation process. The P2P application may not function if these components are not installed. These â€Å"free† versions generate ad revenue for their publishers, causing pop-ups and sending information to affiliate networks for data aggregation or data mining. Applications such as Cydoor, New.net, TopText, SaveNow, Webhancer, VX2, CommonName, GetNet/ClearSearch, IncrediFind and OnFlow are of the few applications that are installed this way and may serve up ad banners and ad messages, or track your Internet surfing habits. Unfortunately, the makers of the host programs try not to advertise their programs hidden payloads. Reading the licensing agreement (carefully) during installation will often reveal embedded licenses for the piggybacking adware. (Shanmuga 2005) 2.5.3 Software free web download Some of the softwares that they claim is free in the internet, when you download and install them, at the same time you will be installing a secondary program. This secondary program is a spyware. It will monitor your activity and report to a third party or a central database. If the user notices the spyware and deletes it, but didnt delete the software, whenever the system online, the software will download the spyware application and install it again. This kind of infection often occurs when the use fails to read the license agreement. In other cases, the license agreement is twisted in such a way that the user will not understand it. (Shanmuga 2005) 2.5.4 Social engineering Sometimes when users browse the web, they may receive offers for corrective programs or special plug-ins that may be described as necessary for viewing the site. These voluntary but covert and unintentional installations are one source of spyware. Some of these offers are made to appear like a Windows alert from Microsoft or an anti-spyware application to tricks users into downloading and installing them. (Shanmuga 2005) 2.5.5 Security holes in internet explorer Another method of infection is by exploring the security holes in internet explorer. Internet Explorer has had multiple security vulnerabilities, some of which are disclosed by Microsoft with downloadable updates and patches. Some spyware applications take advantage of these holes and install Trojan droppers, which redirect the browser to portal sites. CoolWebSearch (one of the most notorious pests in recent times) and many other spyware are known to take advantage of Internet Explorer security holes. KeenValue, and InternetOptimizer are examples that use Trojan downloader. (Shanmuga 2005) 2.6 TARGET VICTIMS OF SPYWARE Spyware generally has no specific target victims, but in some cases it has specific victims. It attacks any and every one that falls into its trap. It usually hides in other programs or in some websites like porn website. Spyware is divided into two, domestic and commercial spyware. The victims of domestic spyware are specific, because domestic spyware is software that is usually purchased and installed by computer owners to monitor the Internet behaviour on their computer networks. Employers usually use this software to monitor employee online activities. Some family members use domestic spyware to monitor other family members, while parents and guardians often use this kind of software to monitor the activities of their children online. Some people use this kind of softwares to spy on their friends and girl friend. Others purchase this spyware to install in their partners mobile phone so as to monitor the call and SMS that they are making. Large companies and businesses are also among the most popular spyware targets. This often happen due to competition in the business or personal enmity, while sometimes is just for fun. In this kind of situation, malwares are often used. This is because malware is specifically design to damage the machine. The most popular victims of spyware are the general public. This is because spyware infects and still information about the general public and sends them to a third party who sells the information to advertising companies. More than 80% of general public that are using the internet have/had been affected by spyware one way or another. This shows that both mobile device users and computer users can be affected by spyware. 2.6.1 Mobile devices Not all mobile device users can be affected by spyware. There are categories of mobile devices that can be affected. This includes a blackberry, palmtop, iphone, and any other mobile device that has Bluetooth or can connect to the internet. This is because spyware has to be downloaded, transferred or installed from a source. 2.6.2 Computers All type of computers can be affected with spyware if they are online. Sometimes, the computer is not infected through the internet, but spyware needs the internet so as to establish connection with the third party. 2.7 IMPLICATIONS OF SPYWARE Spyware may

No comments:

Post a Comment