Capella University
Abstract
Virus parasites work by inserting themselves into healthy human/host cells with the
intention of destroying the host's healthy tissue cells and compromising the ability of the healthy
tissues and immune system to fight back. If the host's immune system is not strong enough to
fight back against the attack from the virus/bacteria parasite, the result is sickness and
This paper describes the “various types of malware and unauthorized devices. Discussing
the paper will examine the approaches used by intrusion detection and prevention to identify
malware. The paper will review malware detection tools and the procedures used by the anti-
malware application to see and respond to a malware security breach” (Capella, 2019, 18-19).
unauthorized devices.
DETECTING AND MANAGING MALWARE 3
Table of Contents
Cover Page
Abstract
Table of Contents
Introduction/Body
Conclusion
References
Introduction
Malicious software works in much the same way as a virus parasite in the healthy tissue
of a human cell. In this case the malicious programs are outside programs that pose a security
threat to the host computer network system: they manipulatively insert themselves into
applications, the computer system, OS data, and the programming code of packet data with the
real intention of damaging computer system information. They also run manipulative intrusion
and all-out destruction packages, and seek to make sure that the computer network system does
not comply with the computer network security principles of CIA for
These malicious applications can cause a security outbreak throughout the computer
system, with disruption that requires much-needed system recovery within any organization.
Phishing is one example: this manipulative malicious application deceives victims into
unknowingly giving out sensitive data. That is why this paper identifies the various types of
malware and recommends better malware intrusion detection and prevention procedures, with
which we can better mitigate these malicious application security breaches. This paper
recommends that every organization plan for security breaches from malicious applications, for
today and the future. The plan should be put into the organization's information security policy
statements, which contain all the procedures for malware intrusion detection and prevention for
every member of the organization and take into consideration the security threats
The information security procedures for malware intrusion detection and prevention may
change based on what works well for the organization in the managed and non-managed
environments of its information security system. The well-suited procedures are those that work
well for malware intrusion detection and prevention on the host network system and the
dependent environment network system. The information security statement for malware
intrusion detection, other computer network system methodologies, and prevention takes into
consideration the employees' awareness policy, network system maintenance, network system
vulnerability risk, network system security threats
The types of malware and malicious unauthorized devices are attackers' tools:
manipulative malicious applications, or their toolkits, that target a host to cause harm to the
computer network system, ranging from traditional, phishing, and web-based malicious
applications to advanced determined security breaches. A virus is a malicious application that
replicates itself by inserting copies of itself into the host system's logs, data files, and programs;
this occurs once there is user interaction, such as opening an application. Examples are compiled
and interpreted viruses, which execute at the operating system and application level, e.g. boot log
file viruses, which infect the boot sector files of storage device drives. Worms are self-replicating
malicious applications that run on their own abilities to infest a computer network system
without user interaction. Examples are network service worms and mass mail worms; these
worms rely on network system vulnerabilities to replicate themselves and affect the host network
system. Trojan horses are not self-replicating malicious applications; they are hidden malicious
applications that replace existing files with, or add, malicious versions of files in the host system
or applications, such as malicious
There are also attackers' tools that are used to attack the targeted host system through
unauthorized access. These include backdoor tools, with which a malicious application listens on
a TCP or UDP port of the host system for network system protocols and commands on the
attacker's behalf. There are keystroke loggers and rootkit tools, all malicious tools for intercepting
the host system's keyboard use and maliciously collecting host system files from the application.
There are also web browser plug-ins and email generation tools: the attacker uses malicious web
browser plug-ins to display content in the web browser, or uses malicious applications to create
and send mass quantities of email from the host system to another host system without the
An intrusion detection and prevention system detects malware by sniffing network system
traffic packets for suspicious events. The intrusion prevention system does so inline, acting like a
network-based firewall, and detects malware by its attack signatures and by using the network
protocol to identify the malware and its activities. The intrusion prevention system also uses
behavior detection and stateful protocol evaluation, which identify uncommon network traffic
movements. These detect attacks such as backdoors, attack signature profiles, or email generation
attacks, which cause high-volume network system traffic and significant anomalous activity to
the network
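The two detection approaches described above, signature matching and behavior-based detection of email generation traffic, can be shown side by side in a short added example (not part of the original paper). The signature pattern, host addresses, connection history and thresholds are all constructed assumptions.

```python
from collections import Counter
from statistics import mean, pstdev

# Constructed byte pattern standing in for a vendor attack signature.
SIGNATURES = {"example-backdoor-banner": b"EXAMPLE-BACKDOOR/1.0"}
SMTP_PORT = 25
DEFAULT_LIMIT = 20  # assumed ceiling for hosts that have no history yet
K = 3               # assumed tolerance, in standard deviations

# Constructed history: SMTP connections per host in earlier time windows.
HISTORY = {"10.0.0.8": [40, 42, 38, 41], "10.0.0.9": [1, 0, 2, 1]}

# Constructed current window: (source host, destination port, payload).
WINDOW = (
    [("10.0.0.5", 443, b"GET / HTTP/1.1")]
    + [("10.0.0.7", 4444, b"220 EXAMPLE-BACKDOOR/1.0 ready")]
    + [("10.0.0.8", SMTP_PORT, b"EHLO relay")] * 43  # mail relay, busy as usual
    + [("10.0.0.9", SMTP_PORT, b"EHLO pc")] * 30     # workstation, far above its norm
)


def signature_alerts(flows):
    """Signature detection: (host, signature name) for payloads holding a known pattern."""
    return sorted({(src, name) for src, _port, payload in flows
                   for name, pattern in SIGNATURES.items() if pattern in payload})


def threshold(host, history):
    """Per-host ceiling: mean + K deviations, with a floor so quiet hosts are not noisy."""
    past = history.get(host)
    if not past:
        return DEFAULT_LIMIT
    return mean(past) + K * max(pstdev(past), 1.0)


def volume_alerts(flows, history):
    """Anomaly detection: hosts whose SMTP connection count exceeds their own ceiling."""
    counts = Counter(src for src, port, _payload in flows if port == SMTP_PORT)
    return sorted(host for host, n in counts.items() if n > threshold(host, history))


if __name__ == "__main__":
    print(signature_alerts(WINDOW), volume_alerts(WINDOW, HISTORY))
```

The mail relay sends more messages than the workstation yet raises no alert, because each host is compared with its own baseline rather than a single fixed limit.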
Malware detection tools use content inspection and filtering procedures to stop
email-based security breaches and to stop spam threats from reaching their target. They also
block email file extensions or undesirable file types that carry malicious code. Malware detection
tools share some common procedures. One is code evaluation, in which the tool evaluates
malicious code in a sandbox or virtual program to evaluate the character and profile of all
network traffic and application activity. Another is network traffic evaluation and filtering, in
which the tool restricts unauthorized access to network system resources and evaluates traffic
from peer-to-peer sharing and data extraction by any application or program. The tools can also
monitor the file systems of the network system through integrity and attribute checking.
Malware detection tools can also evaluate the network system's OS and application logs for
malicious events (Mohan, 1999, p. 24-28).
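The integrity and attribute checking mentioned above can be illustrated with an added example (not part of the original paper): record a baseline of file hashes and permission bits, then compare a later snapshot against it. The function names, file names and the scenario in `demo()` are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile

def snapshot(root):
    """Record SHA-256 and permission bits of every regular file under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            info = os.lstat(path)
            if stat.S_ISREG(info.st_mode):  # skip symlinks and special files
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
                state[os.path.relpath(path, root)] = (digest, stat.S_IMODE(info.st_mode))
    return state

def compare(baseline, current):
    """Return sorted (path, finding) pairs; content and attributes are reported separately."""
    findings = []
    for path in baseline.keys() | current.keys():
        old, new = baseline.get(path), current.get(path)
        if old is None:
            findings.append((path, "added"))
        elif new is None:
            findings.append((path, "removed"))
        else:
            if old[0] != new[0]:
                findings.append((path, "content-changed"))
            if old[1] != new[1]:
                findings.append((path, "mode-changed"))
    return sorted(findings)

def demo():
    """Constructed scenario: baseline a temporary directory, tamper with it, re-check."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data, mode=0o644):
            path = os.path.join(root, name)
            with open(path, "wb") as fh:
                fh.write(data)
            os.chmod(path, mode)
        for name, data in (("app.cfg", b"a=1\n"), ("run.sh", b"echo ok\n"), ("old.log", b"x\n")):
            write(name, data)
        baseline = snapshot(root)
        write("app.cfg", b"a=2\n")            # content edit
        write("run.sh", b"echo ok\n", 0o755)  # same bytes, new permission bits
        write("new.bin", b"\x00")             # file that was not in the baseline
        os.remove(os.path.join(root, "old.log"))
        return compare(baseline, snapshot(root))
```

A hash-only check would miss the `run.sh` change, since its bytes are identical and only the permission bits differ.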
An anti-malware application can identify and mitigate new malware breaches through
application sensors, which detect and observe events going from and to host applications and
different parts of the network system by matching application activities, host programs, and
network system resource activities. The anti-malware application identifies and mitigates threats
from an invalid IP datagram, wrong application code injection, or an invalid TCP packet from an
application or device, and also when there is a slowdown of a computer system, application
service functions, or web browser speeds. It mitigates through security automation procedures,
which can configure security policy checklists and patch management of the OS, applications,
and devices, since there are different types of hosts among network security system infrastructure
devices, such as workstations, servers, firewall devices, web servers, routers, remote access
servers, and mobile computing technologies. It also mitigates through browsing separation, using
various web browsers for various web access, and through anti-malware application support and
access (NIST, n.d., p. 15-19).
References
Capella University, 2019, Courseroom, unit 4, Detecting and Managing Malware, Date retrieved
02/1/2019,
https://courserooma.capella.edu/webapps/blackboard/content/listContent.jsp?course_id=_162482_1&content_id=_7268977_1&mode=reset
Phillip Bosco (2016) Intrusion Detection and Prevention Systems Cheat Sheet: Choosing the
room/whitepapers/intrusion/intrusion-detection-prevention-systems-cheat-sheet-choosing-solution-common-misconfigurations-evasion-techniques-recommendations-36677
K. Scarfone, P. Mell, (2007) Special Publication 800-94: Guide to Intrusion Detection and
(2007)
Mohan, S. (1999). Ethical hacking finds network holes. InfoWorld, 21(8), 45-45,51. Date
retrieved 02/1/2019,
http://search.proquest.com.library.capella.edu/docview/194334757?accountid=279
Whitman, M. E., & Mattord, H. J. (2011). Principles of information security (4th ed.). Boston,
NIST. (n.d.). Intrusion Detection and Prevention Systems. Date retrieved 02/1/2019,
https://ws680.nist.gov/publication/get_pdf.cfm?pub_id=901146