Full Length Article
Journal of Cybersecurity and Information Management
Volume 10, Issue 1, pp. 18-33, 2022

Title

Re-Evaluating the Necessity of Third-Party Antivirus Software on Windows Operating System

Faisal A. Garba 1*, Rosemary M. Dima 2, A. Balarabe Isa 3, A. Abdulrazaq Bello 4, A. Sarki Aliyu 5, F. Umar Yarima 6, S. Abbas Ibrahim 7

1 Sa’adatu Rimi College of Education, Kano, Nigeria (alifa2try@gmail.com)

2 Federal University Dutsinma, Katsina State, Nigeria (rocinta976@gmail.com)

3 Sa’adatu Rimi College of Education, Kano, Nigeria (balarabesadeeq@gmail.com)

4 Federal Polytechnic, Bauchi, Nigeria (ibnahmadbello@gmail.com)

5 Sa’adatu Rimi College of Education, Kano, Nigeria (sarkialu@gmail.com)

6 Sa’adatu Rimi College of Education, Kano, Nigeria (farroukhyarima@gmail.com)

7 Sa’adatu Rimi College of Education, Kano, Nigeria (shazaliabbas82@gmail.com)


DOI: https://doi.org/10.54216/JCIM.090105

Received: April 11, 2022 Accepted: July 17, 2022

Abstract :

There is a general assumption that one must purchase costly antivirus software to defend one’s computer system. For users of the Windows operating system, however, the question is whether purchasing antivirus software is necessary at all. Windows has a worldwide market share of 31.15% among all operating systems, behind Android at 41.56%. Its large user base makes Windows a prime target for hacking. Windows 11, a recent upgrade to the Windows operating system, claims to have taken its security to the next level. There is a need to evaluate the capability of the Windows 11 default security against antivirus evasion tools. This research investigated that capability by evaluating Windows 11 default security against 6 free and open-source antivirus evasion tools: TheFatRat, Venom, Paygen, Defeat Defender, Inflate and Defender Disabler. The tools were selected on the criteria that they be free, open source and recently updated. A research lab was set up in Oracle VirtualBox with two guest machines: a Windows 11 victim machine and a Kali Linux attacking machine. The antivirus evasion tools were installed on the Kali Linux machine one at a time to generate a malware sample and pass it to the victim machine. An Apache web server hosted the malicious sample for the Windows 11 victim machine to download. A score of 2 was awarded to an antivirus evasion tool that successfully evaded the Windows 11 security and created a reverse connection with the attacking machine. From the research results, TheFatRat had a 25% evasion score, Venom had 20%, and the rest had a 0% evasion score. None of the payloads generated with the antivirus evasion tools was able to create a connection with the Kali Linux attacking machine. The research results imply that the default Windows 11 security is good enough to stand on its own. A third-party antivirus solution will only supplement the already good protection capability of Windows 11.

Keywords :

malware; antivirus; evasion; Windows. 


Cite this Article as :
MLA: Faisal A. Garba, Rosemary M. Dima, A. Balarabe Isa, A. Abdulrazaq Bello, A. Sarki Aliyu, F. Umar Yarima, S. Abbas Ibrahim. "Re-Evaluating the Necessity of Third-Party Antivirus Software on Windows Operating System." Journal of Cybersecurity and Information Management, Vol. 10, No. 1, 2022, pp. 18-33 (DOI: https://doi.org/10.54216/JCIM.090105)