A Holistic Approach for Managing Spyware

Abstract In the past, the main anti-malware targets for IT were viruses and worms. Yet, information privacy and security control are being increasingly challenged by the mushrooming emergence and propagation of spyware, which is one of the perilous cyber-threats confronting the IT community in terms of privacy violation. In general, most people regard spyware as a stealthy transmitter gathering and passing sensitive personal information to a third party over the Internet without awareness or permission. Stafford and Urbaczewski refer to spy- ware as “a ghost in the machine” [1] due to its surreptitious nature compared to viruses and worms. Warkentin et al. [2] further expand the description by arguing that “spy- ware is a client-side software component that monitors the use of client activity and sends the collected data to a remote machine.” The rapid penetration of broadband Internet connections, coupled with a wide variety of free software downloads and weakly managed peer-to-peer (P2P) transmissions, has provided a hotbed for the pervasion of spyware. Notwithstanding, in the early development stage, spyware has the potential and specificity to surreptitiously trigger more severe calamities than viruses and worms if we don't have comprehensive management and prudent control.