ВУЗ: Не указан
Категория: Не указан
Дисциплина: Не указана
Добавлен: 07.04.2021
Просмотров: 159
Скачиваний: 1
The study done by AOL/NCSA [12] found that, of all the people who had spyware on their computers
only 5% had given the permission for their installation. Of course, the statement is not entirely correct as
most of the spyware is mentioned in the EULAs. It should be said that only 5% of the people knowingly
consented for the installation while the rest although unknowingly but still consented for its installation.
This behavior stems from the unawareness and ignorance towards the ways of spyware. For reference I
present a table below from the study in [7]. The table shows that people who have had experiences with
spyware are more likely to be aware of it and thus are more likely to take preventive and corrective
measures. If we can educate people about spyware and replace the experience with knowledge we can
prevent spyware infections to a certain extent.
Awareness
of spyware and a little knowledge about its
modus operandi
, in my opinion can go a long way in helping to handle this menace.
Figure 5. Internet user's attitude toward spyware [7]
A second front would be the legal side of it. Spyware is thriving because of the laxity and the
ambiguity of laws which exist. Also, because the definition of spyware is so hazy and merges with legal
advertisement on its edges, it is difficult to identify and counter spyware without hurting legitimate
businesses. A number of laws already exist to prevent the spyware and more and more states are crafting
new laws but the need to protect legitimate businesses always leaves loopholes in such laws which can be
exploited by the illegitimate ones. The efficiency of such laws is questionable; nevertheless these are
steps in the positive direction. What is required in the future is a stricter definition of spyware and laws
which can strongly prosecute the offenders. The implementation of these laws is possible in the United
States and a few other countries in the world but there are no international boundaries on the internet.
Thus, along with the stronger laws, there is a need for a global collaboration to deal with spyware.
The third and final part of the solution is the technical side of it. Recent advances in antispyware
technologies are certainly helping to protect people against spyware. The focus is now shifting to
proactive measures which detect and prevent spyware installation rather than the reactive measures for
detection and removal after they have been installed. Real time protection, EULA analyzers [4] and
interest based detection [17] are a few of those technologies which detect spyware before they start
working and do not wait until they are done. A number of people in the academia and the industry have
spotted the potential danger and a number of researchers are directing their attention towards this area of
the malware industry. The emergence of companies like Microsoft, McAfee and Norton in the
antispyware business is a harbinger of better things to come to the protection of people from this
nuisance.
To conclude the report I would say that this growing dark cloud can only be prevented by a collective
effort and collaboration from the internet users, researchers, corporations and the lawmakers alike.
Spyware needs to be attacked from all sides possible to prevent it from owning the internet and everybody
will have to do their bit. Aware internet users, stringent laws and advanced antispyware technologies are
the answer to this growing threat.
11.
References
[1] Lavasoft spyware study
http://www.lavasoft.com/support/spywareeducationcenter/spyware_statistics.php
[2] Plymouth Computer Doctor study
http://www.plycomp.co.uk/virus-statistics-worldwide.html
[3] Baskin, Brian, and Tony Piltzecker.
Combating spyware in the enterprise.
2006.
[4] Boldt, M, A Jacobsson, N Lavesson, and P Davidsson. "Automated Spyware Detection Using End
User License Agreements."
Information Security and Assurance, 2008. ISA 2008. International
Conference on .
Busan, 2008. 445-452.
[5] Boldt, Martin, and Bengt Carlsson. "Analysing privacy-invasive software using computer forensic
methods."
Detection of Intrusions and Malware & Vulnerability Assessment.
2006.
[6] eSoft.
White Paper: Spyware Security and Privacy Protection.
eSoft.
[7] Fox, Susannah.
The threat of unwanted software programs is changing the way people use the
internet.
Pew Internet and American Life Project, 2005.
[8] Gibson, Steve. "Spyware was inevitable."
Spyware
, 2005: 37-39.
[9] Gralla, Preston.
How Personal & Internet Security Works.
Que, 2006.
[10] Hinde, Stephen. "Spyware: the spy in the computer."
Computer Fraud and Security
, 2004: 15-16.
[11] Moshchuk, E, Tanya Bragin, Steven D Gribble, and Henry M Levy. "A crawler-based study of
spyware on the Web." 2006.
[12] NCSA, AOL and. "AOL/NCSA Online Safety Study." 2004.
[13] Omniquad.
A white paper on Combating the Spyware menace: Solutions for the enterprise.
Omniquad, 2005.
[14] Poston, Robin, Thomas Stafford, and Amy Hennington. "Spyware: a view from the (online) street."
Spyware
, 2005: 96-99.
[16] Walker, Andy.
Absolute Beginner's Guide to Security, Spam, Spyware & Viruses .
2005.
[17] Wang, Xiaoqiao, and Juanjuan Chen. "Interests-Based Spyware Detection."
International forum on
Computer Science-Technology and Applications
, 2009: 175-178.
[18] Rasch, Mark. "Is deleting spyware a crime?"
http://www.securityfocus.com/columnists/328
, 2005
[19]EULAlyzer,
http://www.javacoolsoftware.com/eulalyzer.html