cyber security case study examples pdf

A Study of Cyber Security Issues and Challenges

Ieee account.

• Change Username/Password
• Update Address

Purchase Details

• Payment Options
• Order History
• View Purchased Documents

Profile Information

• Communications Preferences
• Profession and Education
• Technical Interests
• US & Canada: +1 800 678 4333
• Worldwide: +1 732 981 0060
• Contact & Support
• About IEEE Xplore
• Accessibility
• Terms of Use
• Nondiscrimination Policy
• Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. © Copyright 2024 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.

Cyber Risks and Security—A Case Study on Analysis of Malware

• Conference paper
• First Online: 08 November 2022
• Cite this conference paper

• Moulik Agrawal   ORCID: orcid.org/0000-0002-7434-5293 14 ,
• Karan Deep Singh Mann   ORCID: orcid.org/0000-0001-9066-8888 14 ,
• Rahul Johari   ORCID: orcid.org/0000-0002-7675-8550 14 &
• Deo Prakash Vidyarthi   ORCID: orcid.org/0000-0003-4151-0552 15  

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 492))

393 Accesses

1 Citations

The automation of business enterprises, the bulk computer storage to store sensitive information, various distributed applications being accessed via the Internet, all these have become critical for the government, financial institutions, and millions of users. Cyber security plays an important role to identify different types of risks and to overcome the challenges of securing the information thereby preventing financial and reputational damage to the organization and its customers. This work introduces some known threats to Cyber Security— Keylogger and Adware , and how they are spoofed and sent to a victim, with which an attacker can surreptitiously break into a network system. This study shows how anyone on the Internet can fall prey to such malware attacks, and how a user needs to protect himself/herself with such increasing number of Internet users. Approaches to prevent these malware programs are also discussed in this paper.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

• Available as PDF
• Read on any device
• Instant download
• Own it forever
• Available as EPUB and PDF
• Compact, lightweight edition
• Dispatched in 3 to 5 business days
• Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Gao J, Li L, Kong P, Bissyandé TF, Klein J (2019) Should you consider adware as malware in your study? In: 2019 IEEE 26th international conference on software analysis, evolution and reengineering (SANER). IEEE, pp 604–608

Google Scholar  

Ramadhanty AD, Budiono A, Almaarif A (2020) Implementation and analysis of keyboard injection attack using USB devices in windows operating system. In: 2020 3rd international conference on computer and informatics engineering (IC2IE). IEEE, pp 449–454

Dwivedi A, Tripathi KC, Sharma ML (2021) Advanced keylogger—a stealthy malware for computer monitoring. Asian J Converg Technol (AJCT) 7(1):137–140. ISSN-2350-1146

https://bestxsoftware.com/blog/top-10-free-keylogger-software/ , Internet

Egele M, Scholte T, Kirda E, Kruegel C (2008) A survey on automated dynamic malware-analysis techniques and tools. ACM Comput Surv (CSUR) 44(2):1–42

Article   Google Scholar  

Bubukayr MAS, Almaiah MA (2021) Cybersecurity concerns in smart-phones and applications: a survey. In: 2021 international conference on information technology (ICIT). IEEE, pp 725–731

Lallie HS, Shepherd LA, Nurse JRC, Erola A, Epiphaniou G, Maple C, Bellekens X (2021) Cyber security in the age of COVID-19: a timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Comput Secur 105:102248

Widyasari PA (2021) Ethical dilemma decision making based on personality: the case of installation of a keylogger system. In: 18th international symposium on management (INSYMA 2021). Atlantis Press, pp 252–258

https://bat2exe.net/

https://www.exejoiner.com/

Dhaka P, Johari R (2016) Crib: cyber crime investigation, data archival and analysis using big data tool. In: 2016 international conference on computing, communication and automation (ICCCA). IEEE, pp 117–121

Singh A, Choudhary P (2021) Keylogger detection and prevention. J Phys Conf Ser 2007(1):012005. IOP Publishing

Jain I, Johari R, Ujjwal RL (2014) CAVEAT: credit card vulnerability exhibition and authentication tool. In: International symposium on security in computing and communication. Springer, Berlin, Heidelberg, pp 391–399

Download references

Author information

Authors and affiliations.

SWINGER: Security, Wireless, IoT Network Group of Engineering and Research, University School of Information, Communication and Technology (USICT), Guru Gobind Singh Indraprastha University, Sector-16C, Dwarka, Delhi, India

Moulik Agrawal, Karan Deep Singh Mann & Rahul Johari

Parallel and Distributed Systems Lab, School of Computer and Systems Sciences, JNU, Delhi, India

Deo Prakash Vidyarthi

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Rahul Johari .

Editor information

Editors and affiliations.

Department of Computer Science Engineering, Maharaja Agrasen Institute of Technology, Rohini, Delhi, India

Deepak Gupta

Ashish Khanna

Department of Information Technology, Cairo University, Giza Governorate, Egypt

Aboul Ella Hassanien

Department of Computer Science, Shaheed Sukhdev College of Business Studies, University of Delhi, New Delhi, Delhi, India

Sameer Anand

Ajay Jaiswal

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper.

Agrawal, M., Mann, K.D.S., Johari, R., Vidyarthi, D.P. (2023). Cyber Risks and Security—A Case Study on Analysis of Malware. In: Gupta, D., Khanna, A., Hassanien, A.E., Anand, S., Jaiswal, A. (eds) International Conference on Innovative Computing and Communications. Lecture Notes in Networks and Systems, vol 492. Springer, Singapore. https://doi.org/10.1007/978-981-19-3679-1_26

Download citation

DOI : https://doi.org/10.1007/978-981-19-3679-1_26

Published : 08 November 2022

Publisher Name : Springer, Singapore

Print ISBN : 978-981-19-3678-4

Online ISBN : 978-981-19-3679-1

eBook Packages : Engineering Engineering (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Publish with us

Policies and ethics

• Find a journal
• Track your research

The unsolved opportunities for cybersecurity providers

The COVID-19 pandemic has forced rapid changes on corporate cybersecurity functions. Chief information-security officers (CISOs) have had to adjust their strategies to account for remote working, pivoting from working on routine tasks to working on long-term goals of establishing secure connections for remote situations. Managing business continuity has been the goal, with the patching of remote systems over virtual private networks, handling of those systems’ increased workloads, and monitoring of spiking cyberthreat levels and cyberattackers targeting at-home workers with an array of threats. In fact, a McKinsey survey of cybersecurity providers found a near-sevenfold increase in spear-phishing attacks since the pandemic began.

The challenges that face organizations are also forcing cybersecurity providers to pivot, adjusting their strategies and their product and service offerings to meet postpandemic objectives. That must be done in a manner that accommodates the new security landscape but continues to monitor customers’ needs while adjusting sales, service, and training accordingly. The elements that enterprises must secure (data, devices, people, networks, machines, and applications), how they must secure them (prevention, detection, response, and remediation), and why it’s important to secure them (to mitigate loss of lives and livelihoods) continue to evolve, and cybersecurity providers have yet to solve several crucial customer challenges. The stakes have never been higher.

Insights from the results of the cybersecurity-provider survey revealed that CISOs and cybersecurity-operations teams will continue to invest niche spending in the areas of perimeter security, next-generation identity and access controls, remote access, security automation, and security training. With a vast ecosystem of technology platforms and partners, cybersecurity providers will need to differentiate themselves. The research suggests that there remain four unsolved challenges: the visibility gap, fragmentation of technology, the talent gap, and the measurement of ROI. Addressing even one of these challenges can help providers gain a sustainable edge in an ever-evolving, fragmented, and competitive market.

Visibility gap

Without visibility into digital infrastructure, it will be difficult for companies to recognize when, where, or why there is a problem. According to a recent McKinsey survey of approximately 200 buyers of security-operations applications (such as security-information and -event management and security-orchestration, -automation, and -response tools) in the enterprise market (companies with more than 1,000 employees or topline revenue more than $1 billion), around 60 percent of buyers analyze and triage less than 40 percent of their enterprises’ log data. Worse, that figure may be understated: third-party and software-as-a-service log data are often excluded, since they are not prioritized for collection and analysis in many enterprise environments.

Case example: Cybersecurity visibility

Today’s typical enterprise environment, though, can make that necessary visibility difficult (see sidebar “Case example: Cybersecurity visibility”). Chief information officers and CISOs also need to rethink their analytics strategies, with an eye on deploying analytics designed for the volume and nature of today’s data, both structured and especially unstructured. 

The best way to begin any compliance or security program is to assure telemetry at the endpoint, thus helping ensure that automated communication processes from multiple data sources are normalized and standardized for faster and more consistent analysis. That element alone can contribute to better customer experience, application health, quality, and performance, in addition to more scrutiny from a security standpoint. The sad truth is that few, if any, enterprises are confident that they have accurate and comprehensive telemetry to detect an intrusion in their environment. In solving the telemetry and visibility gap, cybersecurity providers should perform the following actions:

• Rethink the ‘pay by the drink’ approach (such as pay per log) to volume-based pricing models. Such payment mechanisms are unsustainable at scale for enterprises, particularly when considering an enterprise’s consumption models for cloud architecture and infrastructure. Offerings should be adjusted to solve rate limits of mass data processing at the peta- or terabyte level.
• Identify the missing puzzle pieces to building a 360° view. The security-telemetry implication is often the tip of the iceberg. In many companies, the broader ecosystems for IT- and data-asset management have not matured to keep up with the security approaches. Leading providers will build tooling that can construct an outside-in view of the puzzle and identify the critical missing pieces. Such business-aware, intelligent tooling provides substantial value to a cybersecurity-function because it shifts the conversation with business leaders away from numbers to the value chain and revenue streams of the business. Educating customers on how to plan for cost reduction and be purposeful about which logs they select to ingest, as well as building low-cost data lakes that can affordably collect all logs for pretriage to feed into the system of choice for security-information and -event management, can bridge the gap in the interim. That means that sales engineers, architects, analysts, and other personnel are critical in identifying puzzle pieces that are missing (or redundant) as part of the presales process to demonstrate to security buyers how a technology will close visibility gaps.
• Reduce false positives, forcing the organization to approach cyberthreats proactively, not reactively. The improved use of AI and machine learning provides a holistic view of an entire security program, including on-premises, in the cloud, across geographies, within business units, and from remote networks. Transparency here allows an organization to prioritize potential threats. By reducing false positives, it has a clearer picture of cyberthreats such as vulnerabilities, unpatched systems, and misconfigurations.

Technology-fragmentation challenge

Part of a CISO’s job has an impossibility element. Their teams are supposed to protect against future cyberattacks, with the nature, method, timing, scale, and identity of those attackers unknown. Those frightening unknowns fuel a fear of reducing the number of security applications, even seemingly redundant ones (perhaps obtained through an acquisition), because it’s possible that the targeted app might be the one to save the enterprise.

Enterprises grapple with the timeliness challenge of technology decisions (where and how to balance agile-best integrated options with fragile, fragmented, best-of-breed options), since different technology, applications, and providers are used across an organization. Often, a company may have more than 100 third-party security tools in use. In many cases, that number is driven by the CISO’s expanding mandate—and desire not to be the one who cancels the tool that might prevent the next big breach. There are several key drivers of this security complexity.

The enterprise perimeter has changed in recent years as the paths to access data assets has soared, with no single perimeter existing. The influx of IT functions hosting on-premises, private- and public-cloud environments is upon us. As a result, multi- and hybrid-cloud security will continue to be critical, and CISOs will be willing to pay for increasingly hard-to-find skills (such as mainframe security) from a service provider.

With many industries, the first challenge of operational-technology (OT) security is identifying who “owns” it. Once resolved, the logical next questions follow: Who funds it, who operates it, and what are the intersection points between IT and OT security? A duplication of security controls, policies, frameworks, and vendors across both IT and OT only drives complexity further.

The interlinkages among data governance , data privacy, and cybersecurity have precariously positioned the CISO as the only first-line enforcer amid a second-line function. With the continued expansion of data regulations, data-sovereignty laws, and customer interest in data privacy, the CISO is increasingly asked to add tooling, process, and prioritization to retrofit privacy into security. In many cases, that has led to a proliferation of tooling, such as data classification, data tagging, data-access governance, and privacy management, where the operating model between information security and privacy (compliance concerns) can get blurry.

While CISOs report varying degrees to which they have a seat at the table during M&A, one thing is for sure: after M&A, they will have plenty of cleanup to do. Companies are vulnerable to cyberattacks during acquisitions, which means that the last thing a CISO wants to do is rip and replace the tooling, leaving unknown vulnerabilities exposed. To understand capabilities, cyberthreats, and critical data, integration teams can prioritize a target’s function-specific technology applications  by categorizing each. Here lies an opportunity for cybersecurity providers to offer material value.

To help CISOs extract themselves from the “one-way ratchet” that is enterprise cybersecurity tooling today, cybersecurity providers need to perform the following actions:

• Produce offerings that allow for seamless simplification of sprawl. Deploy a product that takes over incumbent functionality, generates data to show the efficacy of the new layer offering (such as recurring money and time saved by rationalizing tooling), and enables the sunsetting of old, legacy approaches.
• Use cloud and software-as-a-service adoption or updates as an opportunity for tool rationalization. Providers must maintain relationships with major cloud platforms, emphasizing native integration with software and platform leaders, as hybrid scenarios with on-premises, public- and private-cloud expand. Many major platform players have invested significantly in managing their relationships with cloud service providers.
• Engage all stakeholders, make business-based simplification decisions, and don’t put all the cybersecurity burden on the CISO. Organizations should empower their CISOs to make risk-based simplification decisions, gaining cross-functional support for key simplification decisions so the burden (and after any incident, the blame) do not rest solely on the CISO.

Cybersecurity-talent gap

With more than 3.12 million jobs in cybersecurity estimated to be unfilled in 2021, 1 “Cybersecurity workforce demand,” US National Initiative for Cybersecurity Education, 2021. the talent shortage is a massive problem, and it’s affecting both clients and providers. The use of technology—primarily AI and its machine-learning offspring—has helped slightly, especially in a security-operations center dealing with an active cyberattack. But the technology is primarily supplementing security analysts, allowing human capacity to be more efficient and to focus more on tasks where their experience and creativity are essential. Addressing the talent gap takes innovation and persistence:

• Recruiting realities. To manage the skill gap, cybersecurity providers may want to focus on offerings that are not as people intensive to deploy and manage or maintain. To remain talent competitive, providers should get creative when it comes to recruiting, training, and retaining talent, such as looking beyond traditional places, finding individuals with similar skills sets that can be trained, looking beyond formal education, and so on.
• More one-shop and full-stack-service providers (such as ‘infra in a box’) . Companies are moving away from the approach of product-delivery deployment and moving toward annual subscription models that include service delivery.
• Impact of delivery preferences on customers’ key buying factors. Delivery preferences are critical. For example, the rate of false positives has historically been a top buying factor in several security-product markets, for a logical reason: the more false positives, the more frustration and manual effort for security-operations teams to trudge through every day. However, as the delivery of those products has shifted to a service-driven approach, buyers care less about false positives because they no longer see level-one and -two data. Instead, the triage stage is outsourced almost entirely by the product provider’s service team. Buying preference moves farther right along the value chain to the value and actionability of the intelligence, response time, and so on.

Cybersecurity’s ROI

The most successful cybersecurity program is one that no one notices and that enables the underlying business to function unhindered. Organizations today struggle with understanding how to measure the return or value of a dollar spent on cybersecurity, as well as how to communicate its value to internal stakeholders, such as C-suite and board members. Providers should structure their output, reporting, and dashboards to speak to business audiences, as well as technical audiences. Provider solutions should take credit for all their accomplishments.

If an industry is not implementing the right cybersecurity programs and therefore spending less than their needs demand, there is no comfort in looking at its neighbors from a comparison standpoint. Maturity in no way guarantees resilience, but it does help define and measure ROI appropriately. To have a true security proposition, there are at least three dimensions that the cybersecurity provider community should consider:

• Business value. Do the organization’s security offerings reflect the priorities of its customers’ businesses today? When those business priorities change, can its security program adjust its priorities effectively? When there’s a crisis, can it quickly map online services to business processes?
• Customer value. Does the customer see the organization’s security capabilities as a differentiator? Do they know it is managing top risks?
• Market value . Do external stakeholders, including investors, vendors, and third-party supply chains, understand the organization’s security journey and the impact of the security team over time? Are security capabilities included as part of the company’s valuation? How does the organization talk about security to “the Street”?

Continuing to evolve

For cybersecurity providers, the ability to offer customers real-time technology and services that speak to the business, not only the CISO, is crucial. They also need to demonstrate the right value and key performance indicators to measure outcomes, which is the first step on the journey to helping its customers differentiate as security-minded businesses.

Case example: Cybersecurity trust

The four challenges detailed in this article can be solved, and a wait-and-see approach is not advised. It is important to realize that the challenges are fundamental to the industry and to define the constraints within which the industry operates. Executives must be cognizant of such issues, as well as try to solve them. But most importantly, cybersecurity professionals need to be open and transparent about them with internal stakeholders, working in collaboration to solve each challenge (see sidebar “Case example: Cybersecurity trust”).

From a go-to-market perspective, cybersecurity vendors that can appeal to business, functional, and technology executives alike will have more success in becoming household names.

Explore a career with us

Related articles.

Organizational cyber maturity: A survey of industries

Building cyber resilience in national critical infrastructure

Enterprise cybersecurity: Aligning third parties and supply chains