interim capstone report

RUNNING HEAD: COMPUTER WORMS MALWARE IN CYBER SECURITY

COMPUTER WORMS MALWARE IN CYBER SECURITY

PRAVEEN RANGHAVAJHALA 201696 HARRISBURG UNIVERSITY

Table of Contents

Abstract
Introduction
Relationship to CPT
Problem statement and justification
Research Scope, Aims and Objectives
Research Questions and Hypothesis
Literature Review
Computer worms Malware and characteristics
The way worms are affecting networking system and the likelihood of its impact on the network
Previous strategies used to mitigate cyber security issues generated through computer worms
The loopholes of the existing process used to deal with cyber security issues
Strategic recommendations to resolve the security issues generated by computer worms
Proposed Solutions and Methodologies
Proposed Research Design
Proposed Data Collection and Analysis Process
Results and Analysis
Proposed Work Plan for Research
Conclusion
References

Table of Figures

Figure 1: MALWARE DISTRIBUTION

Figure 2: COMPUTER WORMS

Figure 3: MALWARE SPECIMEN

Figure 4: MALWARE

Key words:

· Anti-virus and anti-spyware

· Firewall, in order to resist unauthorized access to the system

· Intrusion prevention systems (IPS), in order to recognise fast-spreading threats, for example, zero-hour attacks

· Virtual Private Networks (VPNs), in order to offer secure remote access

Abstract:

The present research deals with the various computer worm and malware attacks that occur as a result of cyber security breaches. The research aims to identify the characteristics of the various computer worms and malware. It will also help to assess the effects of malware on computers and networking systems. A secondary data collection method has been used for the current research, and the researcher has adopted an exploratory approach and a deductive research design. Finally, because the impact of malware attacks is disastrous, the researcher recommends certain ways to prevent and mitigate them.

Introduction:

Cyber security is the combination of techniques for protecting computers, networks, programs and data from unauthorized access or attack. These attacks simply aim to corrupt. Cyber security protects the usability, reliability, integrity and security of the network, and it targets and blocks a huge number of threats before they can infect the network. Its components include:

· Anti-virus and anti-spyware

· Firewall, in order to resist unauthorized access to the system

· Intrusion prevention systems (IPS), in order to recognise fast-spreading threats, for example, zero-hour attacks

· Virtual Private Networks (VPNs), in order to offer secure remote access

Protecting personal and professional information from cyber threats is an urgent necessity today, and this is where cyber security comes in. People think that their systems are safe when they actually are not (Horowitz & Lucero, 2017). If proper and appropriate safeguards are not in place, every system will become a victim of cybercrime sooner or later. Cyber security is incredibly important for the following reasons.

The world today has been taken over by smartphones, which have become a necessity. People spend a major part of their day looking at them, and they are extremely vulnerable to loss or theft. People are generally of the opinion that cyber security deals with online hacking, whereas a lost or stolen phone is easier to hack because it already contains a lot of information. A huge number of devices are synced to the internet and an enormous quantity of data is shared; together these constitute the Internet of Things (IoT). Hence, hackers can very conveniently steal or manipulate any piece of information from this huge pool of data.

Figure 1: MALWARE DISTRIBUTION

People commonly give out a lot of personal or professional information online. This should be extremely alarming considering the frequency of cyber-attacks (Kak, 2018). Attackers take advantage of the fact that most people do not practice safe handling of their data online.

Malicious software, or malware, is generally a file or piece of code delivered via a network. It infects, explores, steals or manipulates according to the attacker's choice. Although diverse in type and capability, malware usually has one or more of the following objectives:

· To give an attacker remote control of an infected machine.

· To send spam messages, mails, links, etc. from the infected machine to unsuspecting targets.

· To explore the infected user's local network.

· To steal sensitive information.

Malware comes in many types, namely viruses, spyware, Trojans, rootkits, worms, polymorphic malware, botnets, Remote Administration Tools (RATs), etc. Early malware programs were designed to replicate games or send mysterious messages to various users. In 1971, the Creeper Virus was created. When it first infected a system, it displayed short messages daring the user to capture the creeper (Yılmaz & Gönen, 2018). The Creeper did not cause damage, as it was a trial, but it paved the way for future attacks because it could spread quickly through various systems. In 1988, the Morris worm, or Internet worm, was distributed via the Internet. It was one of the first computer worms to attract a lot of media attention.

The various symptoms of the computer worms must be made extremely familiar to the users. This will help to recognize the infections quickly and take necessary steps. Some of the evident indications are:

· Slowing down of the computer performance

· System crashing

· Automatic opening and running of various programs

· Abnormality in the performance of the web browser

· Any unusual behaviour of the system, including messages, images, sounds, etc.

· Warnings from the firewall

· Files go missing or are modified

· Unusual desktop icons or files appear

· Error messages from the system or operating system faults

· Without the user’s knowledge, emails are sent to contacts

The user should keep track of these symptoms. A genuine issue may cause any one of the above-mentioned symptoms, but if many of them appear, then the system has definitely been affected by a worm. A computer's operating system and applications should always be kept updated to the latest versions, because software vulnerabilities are the foremost infection vector for computer worms (Farral, 2017). Updates should be installed as soon as they are released.

Updates contain patches for security flaws and hence are very important. Various types of malware and worms can also be spread by phishing attacks. Unsolicited mails from unknown senders, especially those containing doubtful links and attachments, should always be avoided. A very strong internet security software solution should be installed to block such threats. The security solution should include anti-phishing technology together with defences against various kinds of malware and other online threats.

Artificial Intelligence (AI) and machine learning are still new and have not yet been fully explored in the field of cyber security. This brand new technology has been developed as a totally self-governing, autonomous system. It can be deployed as a layer over manual attempts at cyber security. This boundless, nonlinear technology is far smarter and faster than any human or computer (Gregory, 2016). It also becomes more powerful with more training and usage. It can proactively classify and mitigate a threat even before a patch is developed, rather than being reactive. It can also be functional and certified. The partnership between man and machine is the future of cyber security; each has to rely on the other for fighting and mitigating cyber threats.

Figure 2: COMPUTER WORMS

Relationship with CPT:

I have worked with the global IT firm, Cisco Systems Inc., to complete my CPT assignment. Cisco Systems Inc., 170 W Tasman Dr, San Jose, CA 95134, was established in 1984. The company deals with various computer malware and worms and helps to develop cyber-security techniques in order to mitigate these threats.

What does Cisco Systems do?

Cisco provides a technology which enables endpoint cyber-security. It delivers solutions to deploy, monitor and safeguard users’ applications as well as systems. It also provides safety assurance, compliance, intelligence and training services. Helping users to reach their cyber-security goal through various consultations and services is its main aim.

Highlights of the Proposed Research

The research will focus mainly on malware and worm attacks resulting from cyber-security breaches. It will further explain the causes and effects of security breaches and provide recommendations on how to deal with security and virus attack issues. As computer and network security is a prime focus in today's world, where data loss and theft are in full swing, this research will definitely be helpful in finding the reasons for, and some solutions to, the said problem.

Overview of the CPT Assignment

I have worked as a trainee at Cisco. I have focussed on observing and learning the various malware mitigation techniques as well as their subsequent deployment and support. Thus, providing much-needed solutions and services to clients within a stipulated time, without bothering the client much, has been the highlight of my training. I have been asked to document my studies and observations in a proper format and have also presented a report after the completion of the training.

As a trainee from a technical background, it was necessary for me to learn how to detect the malware that has affected a system, diagnose the right technological solution for it and deploy the solution so that it starts working. End-user satisfaction has been of immense importance. I have developed myself with regard to work procedures, implementation and improvement of solutions during my training period.

Relationship between the CPT Assignment and the Proposed Project

My field of training and the selected research topic are closely related. I will come across various other research papers, online articles and journals over the entire duration of this research work. This will help me to gain more knowledge regarding my subject of work and will help me to fare well in my assignments. Completing this research work will also enhance my reporting and research skills. All this learning together will help me to enrich my knowledge and experience.

Problem Statement and Justification:

Any company can suffer a huge loss when subjected to a successful cyber-attack. A security breach can have economic, reputational and legal effects.

Economic damage:

Extensive financial loss can occur because of cyber-attacks, such as:

· Theft of corporate and financial information

· Money theft

· Trade disruption

· Business or contract loss

Reputational damage:

The main element of customer relations is trust, and cyber-attacks can destroy it by damaging the reputation of the business. This could potentially lead to loss of customers and sales as well as reduced profits.

Legal damage:

Data protection and privacy laws make the security of all personal and sensitive data mandatory. If the data is deliberately compromised and security measures have not been deployed, the owner may have to pay fines and face regulatory sanctions. Some prioritization of data protection is required in order to mitigate security breaches: important assets should be protected before unimportant ones (Ismail et al., 2015). Keeping a record of the actions to take during a breach is vital, and checklists can be helpful here. Software updates should be installed, as they contain patches.

Every user should be made aware of the various types of attacks and breaches and trained to handle them. Dry runs should definitely be conducted. Data security vendors should also be kept on hand. The damage caused by malware varies: malware and worms can cause anything from an insignificant increase in outgoing traffic to a complete network breakdown or the loss of sensitive data (Kapse & Gupta, 2015). The target of the malware determines the extent of the damage.

Operability of computers and networks:

A virus or Trojan attack can delete critical system elements, restrict the OS, or overload the network with a DDoS attack. Often a bug in the virus's code or in its principle of operation causes severe issues.

Hardware failure:

As modern computers are relatively secure against software errors, hardware failures are rare. A Trojan can open or close the CD/DVD tray. Computers that run continuously may experience drive failures because of this.

Data loss or theft:

The value of the lost information can be used to gauge the severity of the damage caused by a successful attack. A great deal of important and sensitive data, including presentations, calculations, videos, pictures, etc., or any type of coveted interaction, can be lost or erased as a result of worm attacks (Ansari, 2016). Taking regular backups is considered to be one of the most ignored ways to avert data loss or theft.

A worm inside a network of many systems is a major issue because, on the one hand, it will damage every system and cause huge losses and, on the other hand, disinfecting the systems will consume a lot of time (Kamal et al., 2016). The downtime of the systems will be considerably long. Even though a Trojan is not a huge threat to the system, its presence in the system is not desired.

The basic steps to protect users from most of the computer worms are –

· A system's user accounts should be set up to run as limited users, which should not be able to install software automatically.

· In order to limit unauthorized network activity, all network firewalls should be turned on.

· Robust anti-virus software must be installed, with automatic updating and scanning kept running.

Figure 3: MALWARE SPECIMEN

Research Scope, Aims and Objectives:

Scope of the study:

In recent years, computer worms have drawn significant attention from researchers because of their undesirable influence on the internet and local networking systems. Past scholars have tried to assess the likelihood of adverse impact from computer worms by analysing different classifications. In addition, the timeline of various computer worms has been assessed to understand the degree of impact and the future threat that computer worms pose to networking systems and global internet users.

Considering this, the study prioritises analysing typical worm behaviour in networks and the worm life cycle, so that new strategies can be implemented to resist these devastating activities. The scope of the current study is also limited, as it can only address the issues for a specific, feasible range of network systems. Classification of computer worms will be based on behaviour and scanning mode. By analysing the classification, the researcher will be able to identify the evolution pattern of computer worms and the types of damage their attacks cause to global networks. Strategies can then be implemented to cut off those attacks, and mathematical modelling can help to project the future attacks that might follow from another round of computer worm evolution. To some extent, these predictions will help to prevent network attacks both theoretically and practically.

Aim:

The primary aim of the current paper is to assess how computer worm malware affects cyber security. The secondary aim is to evaluate the inadequacy of current security measures and provide recommendations to resolve cyber crimes generated by computer worms.

Objectives:

· To identify the characteristics of computer worm malware

· To assess how worms are affecting networking systems and their impact

· To evaluate existing strategies used to mitigate cyber security issues generated through computer worms

· To estimate the loopholes of the existing process used to deal with cyber security issues

· To recommend approaches that could be effective enough to resolve the security issues generated by computer worms

Research Questions and Hypotheses:

Questions:

· What are the typical characteristics of computer worm malware?

· How are worms evolving and affecting networking systems?

· What is the risk likelihood of a computer worm attack?

· Which existing strategies are used to mitigate cyber security issues generated through computer worms?

· How many loopholes are found in the existing threat mitigation process against cyber security issues?

· Which strategic recommendations could be effective to resolve the security issues generated by computer worms?

Hypothesis:

First set:

H0: Typical computer worms affect and damage global network security

H1: Typical computer worms do not affect and damage global network security

Second set:

H0: Mathematical modelling and its projection of the evolution of computer worms can safeguard against cyber security attacks

H1: Evolving replicas of computer worms would be more powerful and cannot be destroyed to a significant extent by implementing the recommendations drawn from mathematical modelling

Literature Review:

Computer worm malware and its characteristics:

A computer worm is a kind of standalone malware program that can reproduce, creating duplicates of itself in order to spread to other computers or operating systems. It generally uses the network to spread to other computers, and it relies on security failures on the targeted systems to gain access to them (Sharma & Sahay, 2017).

Malware is, in general, malicious software that gets into a system via the network and spreads through computers and operating systems. There are different kinds of malware, such as adware, worms, Trojans, backdoors, etc.

Figure 4: MALWARE

(Source: Singh, 2017, 870)

Adware

Adware is meant to steal user information. Its added capability helps it to activate the spyware bundled with it; such combinations are dangerous and can harm the system completely (Velliangiri & Premalatha, 2017).

Bot

Bots are used for malicious purposes to steal user activity and information. Spam bots are sent to user systems or computers through third party vendors.

Bugs

These are flaws that generally exist in the source code or compilers of a program.

Ransomware

It is among the most harmful types of malware; it is generally used to harm the user's operating system and can also demand a forced ransom payment.

Spyware

As the name says, it is used to spy on the user's system, programs and activities and to try to steal them.

The way worms are affecting networking system and the likelihood of its impact on the network:

There are many kinds of computer or network worms, such as email worms, bot worms, hybrid worms, virus worms, etc. Computer or network worms affect network security, and even system security, in various ways, as listed below:

· They affect the network and systems depending on their code. Generally, they make copies of themselves and spread widely to other computers or systems without anybody's knowledge.

· They can also send malicious emails to any address book stored on the user's system.

· This kind of malware is very malicious; it can access the computer easily and reach the system files, which help it to spread the

· It creates a bypass and is able to defeat the firewall of the user's system, which lets it affect files on the operating system's hard disk.

Impact of Computer Worms or malwares on Network Security

Various worms and other harmful malware are generally used to corrupt data on the user's system and disable the computer's network security. Worms are less harmful but can create problems for small businesses by putting their user data and computer networks at risk. A worm hampers the performance of the user's system during important tasks and infects the computer thoroughly.

Hamper capacity: Velliangiri & Premalatha (2017) stated that every program, piece of software and resource on a computer consumes hard drive storage. When worms or malware are present, they create duplicate copies and consume the system's capacity unnecessarily, without the user's knowledge.

Time: When a computer or system is infected by a worm, it takes much longer to perform tasks, as the worm creates duplicate files and slows down the processor.

Computer Security: After a worm or malware is installed, it can perform numerous actions without the user's knowledge and steal computer data, which can constitute a security breach. Hackers can obtain financial data and cause the user monetary losses.

People can face many issues if worms infect their systems, such as instability of data, undesirable content and data harvesting. To avoid these problems, every user should install strong firewalls, use a genuine version of the operating system and use a strong antivirus to protect their system data and life.

Previous strategies used to mitigate cyber security issues generated through computer worms

A computer network affected by a malicious worm not only suffers disruption of service but also becomes vulnerable to further cyber-attacks by viruses or malicious worms, which duplicate themselves and affect every part of the computer, causing data loss and mainly attacking the operating system. Nowadays technology has moved on to the Internet of Things and cloud computing, but before that, different strategies were adopted to stop malicious worms from affecting the whole computer network:

· The operating system must be updated to new versions in a timely manner, and all new patches, which can counter new malicious worm attacks, must be installed.

· A previous and still existing strategy is the use of a firewall, which is a trusted method of protecting the computer network, and the software running on the computer, from worm attacks, thereby reducing the risk (Gregory, 2016).

· Many worm threats arrive in encrypted form, so code is run on the computer to decrypt the worm and delete it before it can do great harm to the computer and the software running on it.

· Another strategy, both new and previous, is to remove the affected computer from the group of networked computers and replace it with a new one, so that the rest of the network is not exposed to the risk.

· The other main strategy is to be careful with links, emails and messaging apps that could contain worms; anything that might infect the computer when clicked should be avoided.

The loopholes of the existing process used to deal with cyber security issues

Cyber security is a serious issue faced by every organization. Attempts to hack databases and malware attacks on computer systems have become frequent. As per Gregory (2016), just as everyone benefits from the huge advancement of technology and uses it to advance their business, attackers with malicious intent use the same technologies to increase the severity of their attacks. Attackers can therefore find new methods of getting past the security systems currently in place. In many cases attackers have invented new ways of affecting computer systems that cannot be countered by the existing security system (Farral, 2017).

The most critical aspect of safety is to maintain and monitor the security system and to check that its patches are up to date with new technologies. Ansari (2016) said that whenever software is upgraded, the security associated with it needs to be rechecked and upgraded so that it matches the software and provides proper safety. As this is a much more expensive process than implementing the security system in the first place, many organizations decide to ignore it.

As a result, the safety system loses its effectiveness and gradually becomes an easy target for attackers. When an advanced, upgraded operational technology is deployed in the cloud or connected to the internet, a proper threat assessment is required (Yılmaz & Gönen, 2018). Attackers are generating more malicious software, or malware, that cannot be identified by present security measures. New advanced techniques are also being adopted to breach the computer systems of any organization. Without proper security systems, organizations are completely vulnerable to these attacks.

Strategic recommendations to resolve the security issues generated by computer worms

Computer worm malware infection is a method of attacking computer systems to make them unbearably slow to operate or to hijack them. To protect sensitive and important data from these attacks, the organization needs to adopt proper strategies. Some of the strategies that can be considered are:

Anti-worm Software:

To prevent this malicious attack, it is recommended that the computer system be equipped with effective anti-worm software that can identify the threat and notify the administration or management. This software can scan any data received from an outside source for possible threats and notify users so that they avoid opening it or take countermeasures to remove it.

Spam Filters:

Spam filters can block and quarantine any email or message that contains suspicious content or is sent from an unknown sender, and alert the user to avoid it. Many large and small organizations, along with many personal email providers, have currently implemented spam filters.

Security Scans:

It is important to avoid malicious and suspicious content, and also to avoid any software that can spread a worm in the computer system. That is why computer systems should be equipped with effective software that can scan software that is about to be installed, or has already been installed, to check whether it is infected with a worm.

Regular Updates:

Networks, devices and computer systems need to be updated regularly. The updated security patches provided by the software vendor need to be purchased and installed to handle the latest threats.

Firewalls:

Firewalls are considered to be the finest line of defence in a computer system. This technology can block anything suspicious from being accessed or installed in the computer network.

Proposed Solutions and Methodologies:

Data encryption:

It is a proven fact that successful security features are built on encryption, which is very powerful for maintaining data confidentiality. Encryption is a two-tier process: an encryption algorithm, which is a set of instructions, and an encryption key, which the algorithm uses to protect the data set.

Public/Private Key Encryption

In this specific case, all devices can use a station's public key to encrypt data. The receiving station decrypts the data using its own private key. Because no other device has the station's private key, no other device can decrypt the data, so data confidentiality is maintained (Vaismoradi et al., 2016). Past scholars and computer researchers have written computer programs that identify special numbers to use for the keys, so that the same algorithm can be used by both the sender and the recipient even though different keys are used.

On the other hand, an asymmetric key can also be used to send a digital signature that protects the information, in addition to providing data privacy. A few examples of asymmetric key systems are the Rivest, Shamir, and Adleman (RSA) standard, the Diffie-Hellman public key algorithm, and the Digital Signature Standard (DSS) (Velliangiri & Premalatha, 2017). Cisco uses the DSS standard to authenticate peer switches during the setup of an encrypted session. The peer switches use the Diffie-Hellman algorithm to exchange information on a secret key to use to encrypt data. The actual data is encrypted using the DES algorithm and the secret key. These types of process help to protect against unauthorised access to the network and keep the network safe from malicious attack.

Figure 2: Public/Private Key System for Ensuring Data Confidentiality

(Source: Singh, 2017, 874)

Figure 3: Public/Private Key System for Sending a Digital Signature

(Source: Singh, 2017, 875)
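
The Diffie-Hellman step described above can be followed end to end in the sketch below, which is an example added here and is not code from the paper, from Cisco or from the cited sources. The toy group (P, G), the function names and the HMAC key-confirmation message are assumptions made for illustration; the DSS peer authentication and the DES encryption steps are not shown.

```python
import hashlib
import hmac
import secrets

# Toy group for illustration only (assumption): P is the Mersenne prime 2**127 - 1.
# It is far too small and too structured for real use; real systems use
# standardized groups and authenticate the exchange (DSS in the text above).
P = 2**127 - 1
G = 3


def keypair(private=None):
    """Return (private, public); the private exponent is drawn from 2..P-2."""
    x = private if private is not None else secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)


def check_public(y):
    """Reject peer values that would force a predictable shared secret."""
    if not 1 < y < P - 1:
        raise ValueError("invalid Diffie-Hellman public value")


def session_key(own_private, peer_public):
    """Derive a 32-byte symmetric key from the shared secret."""
    check_public(peer_public)
    shared = pow(peer_public, own_private, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def confirm_tag(key, role, pub_a, pub_b):
    """Key confirmation: a MAC over both public values, labelled by sender."""
    msg = role + pub_a.to_bytes(16, "big") + pub_b.to_bytes(16, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()


def run_exchange(a_private=None, b_private=None):
    """Simulate both peers and return the messages that cross the wire."""
    a_priv, a_pub = keypair(a_private)
    b_priv, b_pub = keypair(b_private)
    # Only the public values travel over the network.
    key_a = session_key(a_priv, b_pub)   # computed by peer A
    key_b = session_key(b_priv, a_pub)   # computed by peer B
    tag_a = confirm_tag(key_a, b"A", a_pub, b_pub)
    tag_b = confirm_tag(key_b, b"B", a_pub, b_pub)
    # Each peer recomputes the other's tag with its own key and compares.
    verified = (hmac.compare_digest(tag_a, confirm_tag(key_b, b"A", a_pub, b_pub))
                and hmac.compare_digest(tag_b, confirm_tag(key_a, b"B", a_pub, b_pub)))
    return {
        "messages": [("A->B", a_pub), ("B->A", b_pub),
                     ("A->B", tag_a.hex()), ("B->A", tag_b.hex())],
        "keys_match": key_a == key_b,
        "tags_verified": verified,
    }


if __name__ == "__main__":
    result = run_exchange()
    for direction, payload in result["messages"]:
        print(direction, payload)
    print("keys match:", result["keys_match"])
```

Key confirmation only shows that both ends derived the same key; it does not prove who the other end is, which is the job of the signature step the text attributes to DSS.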

Defensive mechanism:

These mechanisms work on recovery from malware infection and fall into two fundamental categories: host-based and network-based. According to Sun (2014), the host-based mechanism restores the clean state of an infected machine, either by disinfecting the malware with a dedicated application or by reinstalling a fresh operating system to confirm that the malware is completely removed. The network-based mechanism, in turn, works on cleaning and securing the network infrastructure. Blocking a malware attack by isolating the infected machine and blocking any control server communication can keep the network clean and stop the worm from replicating and spreading.

Offensive mechanism:

These mechanisms usually work by launching an attack against the malware in order to eliminate the effect of the infection. The primary objective is to limit the malware's usefulness by injecting fake data such as fake credentials or bank accounts. As per Sharma & Sahay (2017), direct attacks work on taking down the members of the worm or malware structure. Targeting the malware that can hamper cyber security status disproportionately affects its efficacy. Moreover, injecting corrupted commands for control servers can intensify the malware communication.

Control server detection

Detection of a control server can expose all malware that is communicating with the exposed server. Active server detection takes part in the malware communication. Active detection can be divided into two techniques: injection and suppression. According to Sari (2018), the injection technique injects controlled packets into a suspected network flow and determines who responds to such packets, whereas the suppression technique relies on suppressing suspected network traffic packets to elicit a response and recognise the control server. Passive control server detection relies on monitoring and analysing traffic with no interference or interaction and, like malware detection, can be implemented in two ways: syntactic and semantic.

In the syntactic approach, signature-based models are used to compare recent traffic against predefined malicious traffic patterns (Kapse & Gupta, 2015). Semantic detection relies on heuristics to establish a relationship between current traffic and the behaviour of control server traffic. Different methods can be used to find this similarity; they include statistical approaches, correlation and behaviour-based techniques.
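The syntactic (signature-based) and semantic (heuristic) forms of passive detection described above can be sketched as follows. This is an added example, not part of the original report: the flow records, the `example-checkin` signature and the regular-interval ("beaconing") heuristic with its thresholds are all constructed assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from statistics import pstdev

# Constructed flow records: (timestamp_s, source_host, destination_ip, payload).
# Addresses come from documentation ranges; none of this is real traffic.
FLOWS = (
    [(t, "10.0.0.5", "203.0.113.10", b"\x17\x03\x03\x00\x20")   # opaque payload
     for t in (0, 60, 121, 180, 241, 300)]
    + [(42, "10.0.0.7", "198.51.100.20", b"CHECKIN id=deadbeef")]
    + [(t, "10.0.0.9", "192.0.2.80", b"GET /index.html")
       for t in (5, 17, 90, 95, 260, 310)]
)

# Hypothetical signature, invented for this example.
SIGNATURES = {"example-checkin": re.compile(rb"^CHECKIN id=[0-9a-f]{8}$")}

def syntactic_hits(flows):
    """Syntactic: compare each payload with predefined malicious patterns."""
    return {(src, dst, name)
            for _, src, dst, payload in flows
            for name, pattern in SIGNATURES.items()
            if pattern.search(payload)}

def semantic_hits(flows, min_events=5, max_jitter=0.1):
    """Semantic: flag pairs whose contact intervals are nearly constant."""
    seen = defaultdict(list)
    for ts, src, dst, _ in flows:
        seen[(src, dst)].append(ts)
    flagged = {}
    for pair, stamps in seen.items():
        if len(stamps) < min_events:
            continue                      # too few events to judge regularity
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = sum(gaps) / len(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            flagged[pair] = round(avg, 1)  # approximate beacon period (s)
    return flagged

def suspected_servers(flows):
    """Merge both views into one report keyed by destination address."""
    report = defaultdict(set)
    for _, dst, name in syntactic_hits(flows):
        report[dst].add("signature:" + name)
    for (_, dst), period in semantic_hits(flows).items():
        report[dst].add(f"beacon:{period}s")
    return {dst: sorted(reasons) for dst, reasons in report.items()}

if __name__ == "__main__":
    for server, reasons in suspected_servers(FLOWS).items():
        print(server, reasons)
```

The opaque periodic flow is caught only by the heuristic and the single plaintext check-in only by the signature, which is why the two approaches are usually run side by side.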

Proposed Research Design:

An exploratory research design would be used to conduct the study, as several past studies have been done in a similar area. Thus, key facts, issues and recommended strategies need to be explored and analysed to reach a potential conclusion. Liu & Li (2015) stated that an exploratory research design helps to gain insights and familiarity for future investigation when the issues are found at the initial stage of assessment. In this scenario, an exploratory research design can therefore help to identify the threats posed by computer worms, their changing behavioural patterns and their projected future replication, which can drastically affect the global network system.

Proposed Data Collection and Analysis Process:

Data collection is a process that helps to gather and measure information on targeted factors by means of an established pattern. According to Kennedy-Clark (2015), data collection enables the researcher to answer the relevant queries associated with the topic and the outcomes. Since the study requires exploration of computer worm attacks on a network system, secondary data collection needs to be employed to gather past research data. It has been assessed that secondary data can provide a vast set of records from studies conducted by past scholars (Bowman, 2014). Online journals, e-books, case studies conducted by various research organisations, articles, etc. can be studied and utilised while gathering case-specific data.

Data gathered from the secondary sources can be evaluated by descriptive means. The outcomes of the different hypotheses will be evaluated and analysed in a descriptive format (Thomas, 2015). Each outcome will be compared with the past works conducted by the authors and, finally, the researcher would draw a concluding statement based on the weighted outcome. The weighted outcome would be based on the most frequently repeated behavioural, scanning and network attacking patterns of computer worm malware. Thus, a descriptive data analysis pattern could be used by the researcher.

Results and Analysis:

After analysing the earlier hypotheses and the authors' propositions, it can be stated that a computer virus is basically programming code that can destroy all the files and folders stored in a system and may cut the entire system off from the network. According to Kamal et al. (2016), communication technology is one of the most heavily infested channels through which computer viruses spread into public systems. As a result, hackers get an easy chance to insert a killer program into a system and target the entire cyber network for further takeover. In support of this, Kak (2018) asserted that viruses can spread through a VPN (virtual private network) to the other networks maintained by legal bodies.

It has been observed that the use of several applications helps the virus to grow and makes it easier for hackers to attack a network. From the above discussion, the different types of worms and malware present in the network have been successfully identified by the researcher. Viruses such as file viruses, boot sector viruses, e-mail viruses, spyware, adware, trojans, spam and other forms of polymorphic virus have also been categorised. In addition, the prevention process and mitigation techniques for such malware attacks have been identified through this discussion. To prevent a cyber security attack, there can be two types of processes, named prevention and treatment.

From the above analysis, it is clear that prevention measures need to be performed before the attack. In the view of Ismail et al. (2015), this is an action that could help to mitigate the gap between the system and the attackers so that the virus cannot thrive in the system. The above analysis discloses that the prevention mechanism works by finding the weak points of the security system. On the other hand, the treatment processes remove the viruses from the system and also eliminate all suspected registry entries in the system. However, Hu (2017) argued that this type of mechanism can be the reason for losing some valuable information from the system.

An intrusion detection system (IDS) detects malicious events and notifies an administrator, using email, paging or logging of the event. An IDS can also perform statistical and anomaly analysis. Some IDS devices can report to a central database that correlates information from different devices to give an administrator an overall view of the ongoing security of a network (Horowitz & Lucero, 2017). An intrusion prevention system (IPS) can dynamically block traffic by adding rules to a firewall or by being configured to inspect traffic as it enters a firewall. An IPS is an IDS that can detect and prevent attacks. There are two kinds of IDS devices:

Host IDS: It resides on a single host and monitors that host.

Network IDS: It monitors all network traffic that it can see and looks for predefined signatures of malicious events. A network IDS is often placed on a subnet that is directly connected to a firewall so that it can monitor the traffic that has been allowed and look for suspicious activity.

Therefore, it can be deduced that, to combat this emerging cyber security threat, several useful programs have been encountered, and it is expected that a robust recovery process has been developed by specialists to mitigate this digital threat.

Proposed Work Plan for Research:

· Step 1: Setting the aim, objective and background related to worm propagation:

Network systems are of different types, such as homogeneous, small-world and power-law networks. Due to this variety, it is becoming more complex to capture the actual behavioural pattern and evolved attacking mode of computer worm malware. Thus, studying the different types of worm propagation would be the initial work plan for the current research.

· Step 2: Conducting secondary research regarding worm behaviour and the mechanisms used to restrict worm propagation:

The worm control mechanisms are of different types, such as preventive, offensive and defensive mechanisms. Thus, in the second stage, the researcher would identify the range of potential mechanisms used to restrict worm propagation over a large set of networks.

· Step 3: Identifying the loopholes by conducting the research methodology:

Based on the outcome drawn from the secondary data analysis, the gaps in existing solutions would be analysed against the attacking behaviour of typical worms.

· Step 4: Recommending strategic actions after analysing the past findings on worm behaviour:

At the final stage, the researcher would evaluate the actual gap and proceed with a robust model to examine the future behaviour of the worms and their propagation agenda. Based on those hypotheses, a range of solutions would be offered as security measures and future recommendations to safeguard the global network from computer worm malware.

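| Plan | Week 1 | Week 2 | Week 3 | Week 4 | Week 5 |
| --- | --- | --- | --- | --- | --- |
| Aim objective setting | | | | | |
| Secondary research | | | | | |
| Methodology | | | | | |
| Findings and analysis | | | | | |
| Conclusion and recommendation | | | | | |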

Table 1: Gantt chart for conducting the whole research

(Source: Created by author)

Conclusion:

Hence, it can be concluded from the current research that the major threats to cyber security today are worm and malware attacks. These can lead to personal data loss or theft, professional information theft, trade disruption, loss of client faith, legal issues and many more. Different types of malware cause different kinds of damage, so the mitigation strategies and techniques should also differ for each. Again, users should adopt some safety practices to prevent these malware attacks before they penetrate the networks. To protect a company from obligations during a security issue, it should also have certain legal contracts in place beforehand. It can be said that as technology is knitting the world closely into a circle, the chances of cyber-security breaches multiply. Hence, precaution and mitigation should both be well known to all users.

References:

Ansari, M. (2016). Information system security (cyber security). Journal Informatics, 2(1). doi: 10.31311/ji.v2i1.60

Bowman, J. (2014) ‘Data, analysis, action!’, Research World, 2014(46), pp. 22–26. http://www.scientificpapers.org/wp-content/files/1563_Cordova_Rangel-A_review_of_research_methods_in_strategic_management.pdf

Farral, T. (2017). Nation-State Attacks: Practical Defences against Advanced Adversaries. Network Security, 2017(9), 5-7. doi: 10.1016/s1353-4858(17)30111-3

Gregory, J. (2016). The Past, Present, and Future of xVA. Wilmott, 2016(82), 37-39. doi: 10.1002/wilm.10487

Horowitz, B., & Lucero, D. (2017). System-aware cyber security: a systems engineering approach for enhancing cyber security. Insight, 20(3), 66-68. doi: 10.1002/inst.12165

Hu, G. (2017). Countermeasure against Distributed Denial of Service Attack. Destech Transactions on Engineering and Technology Research, (apetc). doi: 10.12783/dtetr/apetc2017/10920

Ismail, I., Marsono, M., Khammas, B., & Nor, S. (2015). Incorporating known malware signatures to classify new malware variants in network traffic. International Journal of Network Management, 25(6), 471-489. http://dx.doi.org/10.1002/nem.1913

Kak, A. (2018). Lecture 22: Malware: Viruses and Worms. Lecture Notes on “Computer and Network Security”, Computer and Network Security, 3-64. https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture22.pdf

Kamal, M., U. S., Ali, A.J.R., Alani, K.H. & Abdulmajed, S. E. (2016). Survey and brief history on malware in network security case study: viruses, worms and bots, ARPN Journal of Engineering and Applied Sciences, 11(1), 683-698. https://www.researchgate.net/profile/Saif_Alsamer/publication/301695496_Survey_and_brief_history_on_malware_in_network_security_case_study_Viruses_worms_and_bots/links/57c427be08aee5141be5b75c/Survey-and-brief-history-on-malware-in-network-security-case-study-Viruses-worms-and-bots.pdf?origin=publication_detail

Kapse, G., & Gupta, A. (2015). Testing Android Anti-Malware against Malware Obfuscations. International Journal of Computer Applications, 111(17), 6-9. http://dx.doi.org/10.5120/19755-1140

Kennedy-Clark, S. (2015). Reflection: Research by design: Design-based research and the higher degree research student. Journal of Learning Design, 8(3). doi: 10.5204/jld.v8i3.257

Liu, Y., & Li, Z. (2012). Process Analysis and Data Collection of Mine Enterprises Measurement System. Applied Mechanics And Materials, 263-266, 299-302. doi: 10.4028/www.scientific.net/amm.263-266.299

Sari, A. (2018). Countrywide virtual siege in the new era of cyberwarfare: remedies from the cyber-firewall: Seddulbahir. Journal Of Cyber Security Technology, 2(1), 14-36. doi: 10.1080/23742917.2018.1476956

Sharma, A. & Sahay, S. K. (2017). Evolution and Detection of Polymorphic and Metamorphic Malwares: A Survey on Information security and Malware analysis, 1-5. https://arxiv.org/ftp/arxiv/papers/1406/1406.7061.pdf

Singh, A. (2017). Detection Strategic Mechanism Against Denial of Service Attacks: DOS Attacks. International Journal of Advanced Research in Computer Science, 8(9), 873-877. doi: 10.26483/ijarcs.v8i9.4903

Sun, W. (2014). Media Events: Past, Present and Future. Sociology Compass, 8(5), 457-467. doi: 10.1111/soc4.12156

Thomas, J. A. (2015) ‘Using unstructured diaries for primary data collection’, Nurse Researcher, 22(5), pp. 25–29. http://www.sociology.kpi.ua/wp-content/uploads/2014/06/Ranjit_Kumar-Research_Methodology_A_Step-by-Step_G.pdf

Vaismoradi, M., Jones, J., Turunen, H. & Snelgrove, S. (2016). Theme development in qualitative content analysis and thematic analysis, Journal of Nursing Education and Practice, 6(5), 100-110. https://www.researchgate.net/profile/Mojtaba_Vaismoradi/publication/290552438_Theme_development_in_qualitative_content_analysis_and_thematic_analysis/links/5699eced08ae748dfaffac5b/Theme-development-in-qualitative-content-analysis-and-thematic-analysis.pdf

Velliangiri, S., & Premalatha, J. (2017). Intrusion detection of distributed denial of service attack in cloud. Cluster Computing. doi: 10.1007/s10586-017-1149-0

Yılmaz, E., & Gönen, S. (2018). Attack detection/prevention system against cyber attack in industrial control systems. Computers & Security, 77, 94-105. doi: 10.1016/j.cose.2018.04.004.
