Reference no: EM132186953
Write an article review with 2 APA-format references.

Hackers with ill intent, almost by definition, operate under a shroud of deception and concealment. 2 Corinthians 11:13-14 touches on this type of behavior, saying "for such people are false apostles, deceitful workers, masquerading as apostles of Christ. And no wonder, for Satan himself masquerades as an angel of light" (NIV).
The first step in hiding bad programs on a victim's computer is to bypass the victim's IDS to get them onto that computer in the first place. The main techniques for doing this are obfuscation, fragmentation, encryption, or overloading (Del Carlo, 2003). Then, once the content is on the victim's computer, the attacker can use similar techniques to keep it there. According to Cannell (2013), the aim of most of today's malware is to stay hidden during infection and operation to prevent its removal and analysis.
Malware is able to hide itself using clever techniques, such as obscuring filenames, modifying file attributes, or "operating under the pretense of legitimate programs and services" (Cannell, 2013). Obfuscation makes binary data unreadable and hard to understand. An attacker might do this by hiding any significant strings (URLs or registry keys) or an entire file to further hide the malware's behavior.
Another way attackers do this is with the "exclusive or" (XOR) operation; however, it is easily defeated. Other, more successful ways to obfuscate data are base64 encoding, ROT13 (rotate 13), runtime packers (the code is viewable only once it is in memory), or something as advanced as full-on encryption.
However, the overall motivation of obfuscation is to mask known functions or keywords (Avital & Yehudai, 2018). As Luke 8:17 says, "for nothing is concealed that won't be revealed, and nothing hidden that won't be made known and brought to light" (CSB); hidden information cannot hide forever.
At some point, it will be found and evaluated, despite its best efforts to stay hidden.
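
The following Python example is added here for illustration and is not taken from the article or its cited sources. It shows how an analyst recovers a hidden URL or registry key from a blob masked with single-byte XOR, base64 or ROT13 by trying each decoding and searching the result; the sample URL, the key 0x5A and all function names are constructed for this example.

```python
import base64
import codecs
import re

# Strings the text says attackers hide: URLs and registry keys.
INDICATOR = re.compile(rb"https?://[\w./-]+|HKEY_[A-Z_]+\\[\w\\]+")

def candidates(blob: bytes):
    """Yield (label, decoded) for every cheap single-layer decoding."""
    yield "plain", blob
    for key in range(1, 256):  # single-byte XOR has only 255 useful keys
        yield f"xor:0x{key:02x}", bytes(b ^ key for b in blob)
    try:
        yield "base64", base64.b64decode(blob, validate=True)
    except ValueError:  # not valid base64 (binascii.Error is a ValueError)
        pass
    try:
        text = blob.decode("ascii")
        yield "rot13", codecs.decode(text, "rot13").encode("ascii")
    except UnicodeDecodeError:  # ROT13 only applies to ASCII text
        pass

def reveal(blob: bytes):
    """Return (decoding, indicator) pairs for each indicator uncovered."""
    hits = []
    for label, decoded in candidates(blob):
        for match in INDICATOR.finditer(decoded):
            hits.append((label, match.group(0).decode("ascii")))
    return hits

# Constructed sample data: one placeholder URL masked three different ways.
URL = b"http://example.test/beacon"
SAMPLES = {
    "xor": bytes(b ^ 0x5A for b in URL),
    "base64": base64.b64encode(URL),
    "rot13": codecs.encode(URL.decode("ascii"), "rot13").encode("ascii"),
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, blob, "->", reveal(blob))
```

Runtime packers and real encryption do not yield to this kind of static search, which is why analysts inspect packed samples in memory instead.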
References

Avital, N., & Yehudai, G. (2018). The trickster hackers - Backdoor obfuscation and evasion techniques. Imperva.

Cannell, J. (2013). Obfuscation: Malware's best friend. Malwarebytes Labs.

Del Carlo, C. (2003). Intrusion detection evasion: How attackers get past the burglar alarm. SANS Institute InfoSec Reading Room.