Spyware can be classified as a program that can be bound together into another pieces of software through this it can obtain sensitive information about user consent but without user knowledge and send it to third party in compromise of confidentiality, integrity and availability of system [1] . Federal Trade Commission has been report that fifty -percent of all Windows crashes in Microsoft is because of spyware because these program is having significant effect on reliability [2].
My research will focus more on the types of spyware, how spyware program work and types of detection tool techniques that have been presented. The main goal of this research is to study related issues of the spyware that is to study prevalence and distribution of spyware, compare some of the spyware removal tools that exist and make survey internet user awareness about spyware.
Spyware can be classify by adware, keyloggers, trojans, scumware, dialers, and browser hijackers [3]. All of this program is determine to monitor user online activities, to send malicious program that harmless the system, alter the content of website that user accessing, sending pornography via internet or gather user information of user surfing habits every time user use the Internet [2][3]. The techniques used by spyware can be classify by 3 level : Basic cookies, Associated cookies and Application cookies [3]. First level is basic cookies, this is a simple cookies that will identifies the user each time user return to the site. Second level is associated cookies that track of user activity every time user connect to any member site that has form agreement with advertising companies to allow advertiser to put the references of the site. The third level is application based. This level has became greatest possibility to abuse. This is because user cannot restrict application based spyware and this type of software has been use by hacker for intrusions.
Current anti spyware tools that exist today such as AdAware and Spy Search and Destroy implement traditional techniques to detect spyware that is based on signature based detection and behaviour based detection [1] [4] . This method have not be able to detect unknown spyware and different kinds of known spyware and also behaviour based spyware detection cannot detect spyware when it attempts to blend in with legitimate behaviour [4] [5].
Various of research on spyware detection tools techniques have been studied [6] [7] [8] to overcame this traditional spyware detection issues. Wang and Chen [6] , Shazhad et al. [7] and Boldt et al. [8] have been implemented data mining concept as a essence of the idea to this problem but use different outcome to approached the detection tools techniques.
Wang and Chen [6] presented a techniques to detect spyware based on an abstract characterization of interest of a popular class of spyware program. Data mining approach it has been implemented in this techniques since it can detect the interest of spyware through large amount on behaviors. Two kind of method has been divided in two phase. First phase is to monitoring two kinds of action of general behaviors of spyware that is copy-and-paste and transmission based on sensitive and critical data. Second phase is through backward cloud generator that can transit quantitative data by observing the spyware behaviors to get the concept of interests. Spyware can be detect when it represent both functions on sensitive and critical data and when the keywords of the data are similar.
Detection spyware through analysis of mining executable files has been proposed on Shazhad et al. [7] that inspired by data-mining based malicious code detection. These method described binary features that have been derived from executable files. Two stage of process has been described that is derived features from binary files and then apply it to reduce data set complexity. Second stage is to modify reduced features set into the Attribute-Relation File Format (ARFF). Earlier unseen binaries whether legitimate software or spyware can be classify by classifier generated through n-gram based data sets.
Boldt et al. [8] had conducted experiment and hypothesis to detect spyware through End User Licence Agreement (EULA) by classified it as good and bad software application. Some empirical experiment such as 15 mining algorithms, 1 baseline classifier and a state of the art of EULA have been conducted to adapted it on the data set. These method can be accomplished as background process set of data to identify and analyze a EULA so it can be guideline to user when to install new software.
Through all the method that have been mention earlier [6] [7] [8] spyware is seems to generate unconcern reaction from users in term of the predicted terrible consequence. According to the survey that have been conducted by American Online user willingly accept spyware for getting freeware or shareware without unaware of any harm that can be cause by spyware [9]. In order to understandable Internet users among student of University toward spyware, we conduct some questionnaire and survey. The survey will be conduct based on previous research [9] and experience or knowledge of user for configuring computer to prevent the infections of spyware. Through this survey we hope can make hypothesis and analysis in user awareness and concern about spyware.
Spyware is been classified as a technologies program that have develop as a problem, a threat and a "disease" to online user now days. My study has shown that in most cases that a lack of online users understanding of implication of spyware in term of awareness and privacy. The most important way to against the spyware is to educate the online user and increase awareness about spyware and its consequences. Spyware can install unexpected application through embedded installs, drive -by installs, browser exploits and email attachments [3]. By combining the views from different approach of spyware detection tools , it can give more idea and knowledge how analysis and generate data on data mining based malicious code detection have been studied to develop spyware tools detection. Perhaps in the future some detection tools that have been study can be implemented in Anti-Spyware software because recent Anti-Spyware are inspired by using same techniques against to security problem such as worms, computer virus and spam [3] [5]. The future study is a network based detection tools that is a method of spyware detection by using network traffic to detect and indicate malicious or suspicious intent.
References
[1] M. Klang, "Spyware - The Ethics of Convert Software", Ethics and Information Technology, 6(3), 2004, pp. 193 - 202.
[2] Federal Trade Commission, "Monitoring Software on Your PC : Spyware, Adware and Other Software", Staff Report Federal Trade Commission, 2005.
[3] W. Ames ,"Understanding Spyware: Risk and Response", IT Professional, 6(5), IEEE Educational Activities Department, 2004, pp. 25-29.
[4] E. Kirda, C. Kruegel, G. Banks, G. Vigna, and R. A. Kemmerer, "Behavior-Based Spyware Detection", Proceedings of the 15th USENIX Security Symposium Canada, 2006, pp. 273-288.
[5] H.B Kekre, S.D. Thepade, A. Shah, P. Verlekar and S. Shirke "Network Vaccination Architecture", Proceeding of International Conference on Advances in Computing, Communication and Control (ICAC3'09) , 2009, pp. 516-520.
[6] X. Wang and J. Chen, "Interest- Based Spyware Detection", Proceedings of 2009 International Forum on Computer Science-Technology and Applications, 2009,
pp. 175 - 178.
[7] R.K. Shazhad, S.I. Haider and N. Lavesson, "Detection of Spyware by Mining Executable Files", Proceedings of 2010 International Conference on Availability, Reliability and Security, 2010, pp. 295 - 303.
[8] M. Boldt, A. Jacobsson, N. Lavesson and P. Davidsson, "Automated Spyware Detection Using End User License Agreements", Proceedings of 2008 International Conference on Information Security and Assurance, 2008, pp. 445 - 452.
[9] R. Poston, T.F. Stafford and A. Hennington, "Spyware : A view from the (Online) Street". Communication of the Association for Computing Machinery (ACM), 48(8), pp. 96 - 99.
Conferences
List of conferences
The Third International Conference on Computer Networks & Communications (CoNeCo-2011) , June 26 - 28, 2011, Ankara, Turkey.
International Conference on Security and Cryptograpy (SECRYPT) 2011, Seville, Spain.
The Second International workshop on Communications Security & Information Assurance (CSIA 2011) , In Conjunction with WiMo - 2011, Ankara Turkey.
World Congress on Internet Security ( World CIS - 2011) , February 21 - 23, London, UK.
The Second International Workshop on Mobile, Wireless and Networks Security
( MWNS - 2011), July 23 - 25, 2011, Chennai, India.
ECRYPT is part of ICETE, the International Joint Conference on e-Business and Telecommunications. These conference will focus more on theoretical and practical advances in information theory and information security. Through these conference it was great opportunity to me as Computer Science student to gain more knowledge and exchange idea according information and communication. Beside that the scope of this conference also to focus on information systems and network security that can give me more extensively about my course.
familiarize participants more extensively with the methodology of their chosen training or course
