08-16-2017, 10:01 PM
Prepared by:
Muhammad Samiullah Khan
Abstract
Spyware programs are computer programs that are installed surreptitiously on computer systems without the knowledge of the system's user, monitor the user's behavior, and leak secret information. Currently, antispyware programs are used to overcome this problem. But most of these antispyware programs work on a traditional methodology similar to that of antivirus programs, i.e. the signature of a program is scanned and compared to the signatures of known spyware programs. If the signature of the program is the same as a known spyware signature, the program is declared to be spyware and is treated as required. The drawback of this traditional technique is that antispyware programs can easily be deceived by obfuscation transformations applied to spyware programs.
This paper presents a more sophisticated technique to detect spyware. If we study the general behavior of spyware, we can easily detect any type of spyware. We will restrict our explanation to a class of spyware that is implemented as Browser Helper Objects (BHOs) and toolbars for Internet Explorer to monitor the user's behavior.