0115 966 7955 Today's Opening Times 10:00 - 20:00 (BST)

Factors Influencing the Technical Defensive Measures on Spyw

Disclaimer: This dissertation has been submitted by a student. This is not an example of the work written by our professional dissertation writers. You can view samples of our professional work here.

Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UK Essays.



The title of the project chosen by the author is “Study on the Factors Influencing the Technical Defensive Measures on Spyware in Computers and mobile devices” which simply means that the author analyzes the topic through an empirical study. The study focuses on the factors that influence Technical Defensive Measures on Spyware in Computers and mobile devices.

Computers and mobile devices are widely used; they are used to access the internet, while everyone wants to acquire the internet in today's world. While technology advances, so are the criminal activities on the technology.

When talking about computer crime, the first thing that comes to mind is spyware. Spyware is so big of a crime that millions of dollars are lost annually due to it. Hackers use spyware to still private information from the users like credit card information and so on.

Although spyware has been here for a long time, it is computer crime with no legal consequence. Users have little or no knowledge about what spyware is and what it can do to them and their machines (computers and mobile devises).

Even though virus has been around longer than spyware, but spyware is beginning to make its mark with computer security breaches. Spyware can collect personal data from a users' computer. If not taken care of spyware can cause delayed processing of many of your applications.

Below are the brief descriptions of each chapter:

Chapter one: Introduction

This chapter provides a brief overview of the project. It provides the reader with the background information about spyware and the problem statement. The research questions, limitations and methodology are also discussed in this chapter.

Chapter two: Literature Review

This chapter mainly deals with the pertinent literature of the spyware and discussion on the various types of spyware effect and the comparison between the mobile spyware and the computer spyware. Lastly, the chapter will also discuss about the factors enhancing spyware growth.

Chapter three: Research Framework and Hypotheses Development

In this chapter, the author is going to propose the research framework/model and hypotheses to explore the user's perception about privacy, self efficiency, security, legal framework, spyware knowledge and self-efficiency, trust and cost.

Chapter four: Research Methodology

This chapter will describe the research design that is used during the research. The chapter will discuss the overall research process. The chapter will also include information on data collection, sampling plan and questionnaire development.

Chapter five: Data Analysis and Findings

This chapter will outline the data collected through questionnaire and interviews by making use of the appropriate software and analysis of the study. The chapter will also provide discussion of the research findings.

Chapter six: Conclusion and Recommendation

This chapter will discuss about the result of the previous chapter the contribution of the study to the body knowledge. Conclusion along with future enhancement will also be discussed in the chapter. This chapter concludes the research.


This chapter is meant to give the user/reader helpful idea and an insight to the whole research. Most readers will like to get a grasp of the main ideas of a research paper before actually proceeding to read the whole research. This chapter clearly states the primary objective of the research and the main problem which is been researched. The backgrounds and nature of the study are also highlight the purpose of the research. Several books and journals have been read by the author so as to have foundation knowledge on the concept of spyware.

Spyware is a significant problem to most computer users today. The term “spyware” describes a new class of computer software. This software tracks users' activities online or offline, provides targeted advertising, and engage in other types of activities that the user does not desire or the user may describe as invasive to them. Analysis suggests that these types of programs may reside on up to 90 percent (%) of all the computers connected to the internet (EarthLink 2005).

Frequently, programs bundle spyware with freeware or shareware, though it can also arrive via email, instant messages or web downloads.

While the magnitude of the spyware problem is well documented, even do recent studies have had only limited success in explaining the broad range of user behaviors that contribute to the proliferation of spyware. Unlike viruses and other malicious code, users won't even know that spyware is installed in their systems. This is because some spywares cannot be detected by most anti-viruses and anti spyware that we have today. Anecdotal evidence suggests, and our study confirms, that some users are willing to install spyware when the desired application is of perceived high utility and a comparable product without spyware is not available or known to the user (Michelle Delio, 2004). The author's goal in this study is to understand the factors and user's decision making process that leads to technical defensive measures.

During installation, users are presented with notices such as software agreements, terms of service (TOS), end user licensing agreements (EULA), and security warnings. Based on information in these notices, users should, in theory, be able to make a decision about whether to install the software and evaluate the potential consequences of that decision. However, there is a general perception that these notices are ineffective and users often don't even read the software agreement, terms of service, end user licensing or security warnings. One software provider included a $1000 cash prize offer in the EULA that was displayed during each software installation, yet the prize was only claimed after 4 months and 3,000 downloads of the software (PC PitStop 2005).


Spyware has existed at least since the late 1980's when some Keyloggers where discovered in some university computers. “The word 'spyware' was first used in publicly in October 1995. It popped up on Usenet (a distributed Internet discussion system in which users post e-mail like messages) in an article aimed at Microsoft's business model” (Shanmuga 2005).

Over the years, there has been a steady growth in the use of spyware by online attackers and criminals to execute crime against individual, companies and organisations. In the span of just few years, spyware has become the internets' most popular download. During the years, the anti-spyware was developed to tackle this problem. The anti-spyware was meant to find, detect and remove the spyware. But even with the development of anti-spyware, spyware still continues to grow every day. One of the factors that aid this growth is the lack of standard definition of spyware.

Jerry Berman, President of the Center for Democracy and Technology (CDT), explained in testimony to the Subcommittee on Communications of the Senate Commerce, Science, and Transportation Committee in March 2004 that “The term has been applied to software ranging from keystroke loggers' that capture every key typed on a particular computer; to advertising applications that track users' web browsing; to programs that hijack users' system settings.” (CDT 2004) He noted that what these various types of software programs “have in common is a lack of transparency and an absence of respect for users' ability to control their own computers and Internet connections” (CDT 2004).

Different anti-spyware companies and organizations use different definition which makes even difficult for the users of computers and mobile don't even know what spyware is, as such how can they know the threat of it and the harm it those to their devices


The problem statement of this research study is “does the hypothesized factors influence and positively affects the users' attitude towards spyware?”

Even do spyware has been here for over two decades, it still does not have a standard definition. This makes it harder for users to understand what spyware is and how it affects their system, and how deep is the level of impact (Norbert 2007).

Past studies have been done to study the development of spyware and its growth, how it affects the businesses, privacy and other personal information's of the users', and disrupts the performance of the users' machine, and the factors that influence the growth.

While the magnitude of the spyware problem is well documented, these studies have had only limited success in explaining the broad range of user behaviors that contribute to the proliferation of spyware. Unlike virus and other malicious codes, users often have the choice to whether they want to install this spyware or not. This situation often arises as a result of users not reading the software agreement, term of service or the end user licensing agreements. While other users install it with other programs without knowing. Nonetheless, only very few studies focus specifically on the factors influencing the Technical Defensive Measures on Spyware in Computers and mobile devices, and most of them were carried out in the United States of America USA.

Addressing this problem is a very big issue, because users don't want to spend two to five minutes of their time to read the terms of service. The software producers often put in a lot of information in the terms of service there by making the user not read because it is too lengthy.


With reference to the Problem statement, the author suggested the following questions:

  • What are the factors influencing Technical Defensive Measures on Spyware among users?
  • What are the theoretical models used and extended in previous research studies of spyware?
  • What are the users' reactions towards spyware?
  • How will the research result affect the Factors Influencing the Technical Defensive Measures on Spyware on computers and mobile devices?


With reference to the research questions, the author developed the following research objectives for the study:

  • To identify the factors influencing Technical Defensive Measures on Spyware among users.
  • To study and discuss the theoretical models used and extended in previous research studies of spyware.
  • To better understand the users' reaction towards spyware.
  • To discuss the empirical result and the suggestion to promote and reduce the growth of spyware.


The author is studying about the Factors Influencing the Technical Defensive Measures on Spyware in both mobile devices and computers, and he will generate some questionnaires which he will use to gather information from the general public.

This study was design in such a way that the author and other practitioner's will answer questions based on their perspective view. The conceptual model was based on extensive literature review of various theoretical models that is aligned with the technological, network, economical, business and some other dimension. The conceptual model is then converted into research model for validation and testing using data collected from the general public and some network specialist.


This study presents two main implications, the theoretical contribution and the practical contribution. The developed model in this study consists of six constructs; they are spyware knowledge, perceived privacy control, security effect, self efficiency, legal framework, and trustworthiness and trust in vendors. This model is tested empirically to explain what will lead the users to take technical defensive measures.

In practical contribution, the result of this study will also benefit the software vendors, the users of computers and mobile devices, and any other institution will be able to apply the key factors obtained from this research to meet their institutional, organizational or personal needs. This study will benefit in term of providing the users point of view and it will also contribute to administration decisions as the finding of the research help direct them to the area of focus. The findings will make the contribution in term of creating an understanding on the factors influencing technical defensive measures.


This research is design in such a way that it was divided in two adopted steps. The steps are the pre-test study and the main study. The pre-test study was the study that was done in the early stages of the research. This involves the literature reviewing of type of spyware, impact of spyware, how spyware affects the machine and so on.

The pre-test was conducted to gain a greater understanding about spyware. The pre-test study helps in understanding the topic there by producing the main research questions.

The main study will be conducted based on a survey, a questionnaires conducted among users, corporations and some top school in Malaysia. The questionnaire will be use to collect data on some of the identified problems. The collected data will then be analyzed using the appropriate statistic tools.


In conclusion, this chapter introduces the research to the reader by bringing out the background of spyware, the primary objective of the research, also stating the main questions of the research. It also discusses the methodology in summary. In short, this chapter will provides the reader will hopeful idea about the research. The following chapters will further provide the literature review on the Factors Influencing the Technical Defensive Measures on Spyware in our machines and devices.



This chapter will provide an in-depth detail on spyware as well as the types of spyware. The chapter will also bring out all the possible definitions of spyware, the overview of spyware. The chapter will bring out the possible ways in which spyware operates and it will talk a little about the target victims of the spyware. The chapter also talks about mobile device spyware and how it is different of compute spyware. The chapter will also analyze the infection methods of spyware and so on.


It is not easy to bring out a standard definition on spyware, which makes it much harder to understand. But the author will bring out all the definitions he can find and also propose/bring his own definition based on his understanding of the spyware. In the definition of spyware, two particular issues must be included for the definition to be complete. But research shows that users only stick to either one of the two when defining spyware. This two issues are always been contested by the users. The two particular issues contested are the range of software behaviour and the degree of user consent that is desirable.

Firstly, some users prefer the narrow definition which focuses on the monitoring (Surveillance) aspects of spyware and its ability to steal, communicate and store information about users and their behavior. Others prefer the broad definition that includes adware, toolbars, search tools, hijackers and dialers. Definitions for spyware also include hacker tools for remote access and administration, key logging and cracking passwords.

Second, there is limited agreement on the lawfulnessof spyware that engages in behavior such as targeting advertisements, installing programs on user machines and collecting click stream data. Users consider a wide range of programs that present spyware-like functionality unacceptable. To complicate the definition, certain software behaviors are acceptable in some contexts but not others. Furthermore, there is concern over user notice and consentrequired during an installation process. The practice of bundlingsoftware, which merges spyware with unrelated programs, also heightens this concern.

Jerry Berman, President of the Center for Democracy and Technology (CDT), explained in testimony to the Subcommittee on Communications of the Senate Commerce, Science, and Transportation Committee in March 2004 that “The term has been applied to software ranging from keystroke loggers' that capture every key typed on a particular computer; to advertising applications that track users' web browsing; to programs that hijack users' system settings.” (CDT 2004) He noted that what these various types of software programs “have in common is a lack of transparency and an absence of respect for users' ability to control their own computers and Internet connections” (CDT 2004).

The author will also like to propose his definition of spyware based on his understanding of the matter. Spyware is a program that is installed in the machine with or without the permission of the user, and it can monitor the activities of the user, steal valuable information from the user and send to a third party and disturb/regulate the functionality of the machine like speed, stability and internet access efficiency.


2.3.1 Types of spyware

Basically any software that can be installed in the user's machine which is used to obtains information from their computer or mobile device without their knowledge can be termed as a spyware. There are many types of spyware that are doing the rounds on the Internet, but in technical terms, you can classify them into two broad categories namely, Domestic Spyware and Commercial Spyware (UpickReviews 2007). Domestic spyware

Domestic spyware is software that is usually purchased and installed by computer owners to monitor the Internet behaviour on their computer networks. Employers usually use this software to monitor employee online activities. Some family members use domestic spyware to monitor other family members, while parents and guardians often use this kind of software to monitor the activities of their children online. Some people use this kind of software's to spy on their friends and girl friend.

In America, many couples often install this kind of software on their partner's mobile phone in other to monitor their call. This usually happens when one party thinks the other is cheating on them.

A third party can also install domestic spyware without the knowledge of the computer owner on their machine or mobile device. Law enforcement officials have often used domestic spyware to monitor suspected criminal activity and criminals have used domestic spyware to siphon personal information from private computers in order to steal assets (TopTenReviews 2003).

Domestic spyware is one of the most common spyware used on mobile devices. This is done to monitor the activity of the target victim i.e calls and SMS. Commercial spyware.

These types of software systems are often used by third parties to monitor and record the browsing behaviour of the user. The main purpose of it is to monitor the online habits of the user and sell the gathered information to anyone who might be interested. It is often online businesses that buy the information and use it to hit the user with targeted advertising, i.e. advertisements that relate to your usual Internet browsing habits.

Advertisers often use commercial spyware simply because it is far simpler, economical and faster than collecting information through legal means such as contests, questionnaires, registration surveys and the likes. It is also because information gathered by spyware is far more reliable because users often don't cooperate when it comes to filling questionnaire sincerely, while some may accept to do it but they will not give true information when it comes to their private things. Since it represents the user's true browsing behaviour, the advertisers go for it. You may take your pick while filling out an online registration form, but you just cannot cheat a spyware because it simply monitors and records all your activities. In the past marketers had to bribe their way to learn the user's preferences through contests, registration surveys and the like. Those methods of gaining the user's personal information still exist, but in those cases you have the power to read the fine print to learn the fate of your data and so could choose to consent or refuse

There are many types of spyware that are classified under commercial spyware. They are: Browser hijackers, adware, Malware, dialers, Trojans and viruses, Worms, etc. Adware

Adware is the most common type of spyware available. They are cookies which hide on your computer waiting for you to go online. The cookies often get into your computer through popup that you open. Once the adware detects that you're connected to the Internet it starts sending you popup, pop-over, pop-under ads, and some sort of advertisement for anything from airline tickets to porn site membership. Not only that but even information on your viewing habits is tracked and stored. This data is then sold on to marketing companies who will be sending you more junk email and popup ads (Spam-site 2006). Dealers

Software that gets installed on your computer that has the ability to make phone calls from your computer, though a phone-connected modem, without your knowledge. These programs will connect to other computers, through your phone line, which are usually porn sites. These numbers are pay per minute call though, so you get charged for the amount of time your computer is connected to it.

ile dialers do not spy on users they are malevolent in nature because they can cause huge financial harm to their victims. It is mostly used by porn sites. They can also be classified as hijackers (Abrams 2009). Malware

Malware is malicious software designed specifically to damage user's machine. But Malware is typically not self-replicating or designed for PC-to-PC distribution (Pareto 2009). Trojan

Trojan is a program that contains hidden functionality, often posing as useful applications yet performing Spyware or Adware functions and facilitates unauthorized access to the user's computer system. The term ‘Trojan horse' was found from the mythical wooden horse that carried hidden Greek soldiers into Troy (Pareto 2009). Worm

Worms are self-replicating, fast-spreading Internet threats that are more like viruses than Spyware. They differ from viruses in that they can replace entire files on the host computer. Both viruses and worms attempt to spread to as many computers as possible, using e-mail, the Internet, and file-sharing networks as methods of distribution (Pareto 2009).


The usual method for a spyware to operate is to run secretly in the background of the users' computers (McCardle 2003). The reason behind this concealing of processes is commonly argued as that it would hardly be acceptable, e.g., if free file-sharing software kept stopping to ask the user if they are ready to fetch a new banner or a pop-up window (Townsend 2003). Therefore, the client/server routine of spyware is normally executed in the background. In practice, there would be nothing wrong with spyware running in the background provided that the users know that it is happening, what data is being transmitted, and that they have agreed to the process as part of the conditions for obtaining the freeware. However, most users are unaware that they have software on their computers that tracks and reports information on their Internet usage to a third party. Typically, a spyware program secretly gathers user information and spreads it without the user's knowledge of it. Once installed, the spyware monitors, e.g., user activity on the Internet and transmits that information in the background to third parties, such as advertising companies. In reality, spyware run constantly, even when their carrier program, e.g., a file-sharing tool, has been terminated.

A more or less legal grey area is utilized by the spyware actors, since in most program licenses they specify that information may be gathered for corporate purposes. However, the usual model is to collect more information than they have asked for (Townsend 2003). Besides this, most license agreements are been formulated in such a way that the reader finds it extensively hard for users to understand.


Spyware infects its victims through many different ways. The most common of these ways include drive-by download, P2P wrecks havoc, free software download, social engineering and vulnerability route.

2.5.1 Drive-by downloads

This is a program that is automatically downloaded to user's computer, often without the user's knowledge. The download may be initiated when the user visits a website or by another application. Drive by downloads can also be initiated by Mouse Over downloads, requiring a user to run the mouse over a malicious Pop-up ad or malicious pop-up window.

Another scenario is when the user visits a website that pops up a window with a message like in order to properly view this website you must install this program. The FTP / HTTP Get request will initiate the download of the software onto the client machine. Installation will be performed by the user and during this installation they will be asked permission to install the malware as well as the software.

Internet Explorer uses ActiveX controls for installing legitimate plug-ins like Flash, to enhance the browser's functionality and provide interactive programs for Internet Explorer. When misused, it provides a means for installing spyware such as dialers, browser hijackers, and other types of malware. ActiveX programs can automatically download to a user's computer, often without user's knowledge. It can be invoked from web pages through the use of a scripting language or directly with an HTML OBJECT tag. On execution by a web browser, it has full access to the Windows operating system and does not run in a “sandbox". Depending on browser security settings, the browser application may display a security warning to either stop or continue the installation. The warning may not offer a proper description of the program, and usually is misleading or could be masked by other deceptive dialog boxes. Sometimes “No” is not taken for an answer, and repeated attempts are made to get the user to approve and download the application. ActiveX controls can be signed or unsigned. Signed ActiveX controls are automatically installed while browsing the web, and are used by spyware applications. A signed ActiveX control only verifies that the code or control was from the signer and that it has not been altered; however, it may still be malicious (Shanmuga 2005).

2.5.2 P2P Wrecks Havoc

Most of the spyware comes bundled with other popular programs that are that are free, also through most of the peer-to-peer networks like Kazaa, Bearshare, Limewire among others. They install malware in the machine as part of the P2P installation process. The P2P application may not function if these components are not installed. These “free” versions generate ad revenue for their publishers, causing pop-ups and sending information to affiliate networks for data aggregation or data mining.

Applications such as Cydoor, New.net, TopText, SaveNow, Webhancer, VX2, CommonName, GetNet/ClearSearch, IncrediFind and OnFlow are among the few applications that are installed this way and may serve up ad banners and ad messages, or track your Internet surfing habits. Unfortunately, the makers of the host programs try not to advertise their programs' hidden payloads. Reading the licensing agreement (carefully) during installation will often reveal embedded licenses for the piggybacking adware (Shanmuga 2005).

2.5.3 Software free web download

Some of the software's that they claim is free in the internet, when you download and install them, at the same time you will be installing a secondary program. This secondary program is a spyware. It will monitor your activity and report to a third party or a central database. If the user notices the spyware and deletes it, but didn't delete the software, whenever the system online, the software will download the spyware application and install it again.

This kind of infection often occurs when the use fails to read the license agreement. In other cases, the license agreement is twisted in such a way that the user will not understand it (Shanmuga 2005).

2.5.4 Social engineering

Sometimes when users browse the web, they may receive offers for corrective programs or special plug-ins that may be described as necessary for viewing the site. These voluntary but covert and unintentional installations are one source of spyware. Some of these offers are made to appear like a Windows alert from Microsoft or an anti-spyware application to tricks users into downloading and installing them (Shanmuga 2005).

2.5.5 Security holes in internet explorer

Another method of infection is by exploring the security holes in internet explorer. Internet Explorer has had multiple security vulnerabilities, some of which are disclosed by Microsoft with downloadable updates and patches. Some spyware applications take advantage of these holes and install Trojan droppers, which redirect the browser to portal sites. CoolWebSearch (one of the most notorious pests in recent times) and many other spyware are known to take advantage of Internet Explorer security holes. KeenValue, and InternetOptimizer are examples that use Trojan downloader (Shanmuga 2005).


Since 2004, spyware has been observed to spread among mobile devices through Bluetooth, infrared, and other forms of connections like wireless network. According to F-Secure, the number of spyware known to target mobile devices are approximate 100 (Hypponen, 2006), as of then. However, others like (Dagon, Martin, and Starner, 2004) believed that spyware will inevitably grow into a serious problem in the future. There had already been some complex, blended spyware threats on mobile devices. Within a few years, mobile spyware have grown in sophistication in a way reminiscent of 20 years of PC spyware evolution. Unfortunately, mobile devices ware not designed for security and they have limited defenses against continually evolving attacks.

Mobile devices are attractive targets for several reasons (Hypponen, 2006a). This is because mobile devices have progressed far in term of hardware and communication. Mobile phones have grown from simple organizer/ communication device to a mini computer with their own operating system (like palm, windows mobile, google phone and so on) that can download and install applications.

Another reason for the mobile device attack is because they are well connected. They are capable of internet access for Web browsing, facebooking , emailing, charting and applications similar to those in the PCs. They can also communicate by cellular, IEEE 802.11 wireless LAN, short range communication like Bluetooth and infrared for shorter range communication, and multimedia messaging service (MMS).

Another reason for mobile spyware attack is the size of the target population. Such large target population is attractive for the spyware and malware writers who want to maximize their impact.

2.6.1 Differences to computer spyware

There are three important difference of mobile device security compared to personal computer security (Becher and Freiling 2008).

A first difference is the inherent possibility for Spyware to generate costs for the user and revenue to the Spyware author. This problem existed previously in PC security, when dialup connections via modem or ISDN were common. Spyware could dial premium rate numbers and with it directly benefit the Spyware author. With the appearance of DSL and flatrates, this problem mostly vanished, because the connection to the telephone system was not available anymore. In mobile devices however, it will most likely be a problem for a long time. Even if flatrates for data or voice services become common, separately charged premium services will always be available.

The second difference is the presence of the mobile network operator and its influence on the device. Different from PCs, where the network provider almost always has no influence on the user's computer, the mobile network operator has a trusted device inside the mobile phone, the SIM card. In combination with the SIM Application Toolkit (SAT) it is possible to create trusted applications on the mobile phone with enhanced security. This difference remains true even despite of the facts, that trusted platform modules start to appear in PCs and that third-party trusted modules are available for mobile devices, e.g. embedded into a memory card. Both do not have the unique owner that the SIM card has.

The third difference is a question of reputation, which is connected to the second difference. The mobile network operator will invoice every event that generated costs, even though it might have been generated by Spyware. Therefore, it can be expected that the mobile network operator will be held responsible from the user's point of view. In case of a widespread outbreak where several network operators are involved, mobile Spyware might even have an impact on the reputation of the entire mobile phone system in general.

2.6.2 The Users of Mobile Devices

The implications of security measures like application frameworks (e.g. the Java framework J2ME) and signature schemes for different trust levels might not be understood by the average user. A recent example is the iPhone that was locked for third-party software.

This was a good measure from the security point of view. But this measure was not accepted by its users (for usability reasons), forcing the Apple to unlock the devices, thus decreasing their security. So it can be expected, that devices will be open to extensions, and therefore Spyware, in the future.

The average user does not have extensive knowledge of security (Whitten and Tygae 1999). Even if his security-awareness should be increased by media coverage of security incidents (like worm or virus outbreaks), it seems questionable, if he is able to differentiate between different classes of security products to use them correctly. An additional proposition is that even if the user is security-aware, his will to get into the depths of security research and products might be close to zero (Görling 2006). Therefore, it can reasonably be assumed, that the user of mobile devices will never become security-aware. Especially techniques of social engineering can be expected to be successfully applicable for an indefinite amount of time.

Additionally, it is assumed here that the appreciation of the mobile device is lower than for desktop PCs, and that it is more seen as a disposable item. Therefore, the cost of security solutions must be lower than for PCs, the solutions should especially work automatically and should not need much operator maintenance like adding new signatures to anti-virus databases.

Because of these facts, it is proposed that most of the users need a solution that is embedded into the normal handling of the used device rather than a separate solution.

But even though most of the users do not want to spend their time with security, they have different security needs. Some might especially want to prevent unwanted costs while others might be more concerned about their personal data.


Spyware generally has no specific target victims, but in some cases it has specific victims. It attacks any and every one that falls into its trap. It usually hides in other programs or in some websites (like porn sites). Spyware is divided into two, domestic and commercial spyware.

The victims of domestic spyware are specific, because domestic spyware is software that is usually purchased and installed by individuals to monitor the Internet behaviour on their networks. Employers usually use this software to monitor employee online activities. Some family members use domestic spyware to monitor other family members, while parents and guardians often use this kind of software to monitor the activities of their children online. Some people use this kind of software's to spy on their friends and girl friend.

Large companies and businesses are also among the most popular spyware targets. This often happen due to competition in the business or personal enmity, while sometimes is just for fun. In this kind of situation, malwares are often used. This is because malware is specifically design to damage the machine.

The most popular victims of spyware are the general public. This is because spyware infects and still information about the general public and sends them to a third party who sells the information to advertising companies. More than 80% of general public that are using the internet have/had been affected by spyware one way or another. This shows that both mobile device users and computer users can be affected by spyware.

2.7.1 Mobile devices

Not all mobile device users can be affected by spyware. There are categories of mobile devices that can be affected. This includes a blackberry, palmtop, iphone, and any other mobile device that has Bluetooth or can connect to the internet. This is because spyware has to be downloaded, transferred or installed from a source.

2.7.2 Computers

All type of computers can be affected with spyware if they are online. Sometimes, the computer is not infected through the internet, but spyware needs the internet so as to establish connection with the third party.


Spyware may occupy resources of the computer that it infects or alter the functions of existing applications on the affected computer to the benefit of a third party. In that sense, spyware poses several risks. One commonly argued is that spyware compromises a user's privacy by transmitting information about that user's behavior (Jacobsson, Boldt, and Carlsson 2004). Even so, a spyware can also detract from the usability and stability of the computing environment of the user (Sariou, Gribble, and Levy 2004). In addition, a spyware has the ability to introduce new security vulnerabilities to the infected host by downloading software updates (McCardle 2003). Due to that spyware is widespread; such vulnerabilities put numerous amounts of computers at risk.

To summarize, the occurrence of spyware programs aisle a real and growing threat to Internet usage in many aspects, and to other interested parties than only to end users. Four categories frequently argued on this topic are:

(Websense 2003; McCardle 2003; and Townsend 2003).

2.8.1 Consumption of system capacity

Spyware is often designed to be secretly loaded at system startup, and to partly run hidden in the background. Due to that it is not unusual for users to have many different instances of spyware running covertly simultaneously, the cumulative effect on the system's processing capacity can be dramatic.

2.8.2 Consumption of bandwidth

The continual data traffic with gathering of new pop-ups and banner ads, and delivery of user data can have an imperative and costly effect on both private and corporate bandwidth.

2.8.3 Security issues

Spyware covertly transmits user information back to the advertisement server, implying that since this is done in a covert manner, there is no way to be certain of exactly what data is being transmitted.

Even though spyware, in its purest form, is a threat to privacy rather than security, some spyware programs have begun to act like Trojan horses. Most security experts would agree that the existence of spyware is incompatible with the concept of a secure system.

2.8.4 Privacy issues

The fact that spyware operates with gathering and transmitting user information secretly in the background, and/or displays ads and commercial offers that the user did not by him-/herself chose to view, makes it highly privacy-invasive. Also, spyware enables for the spreading of e-mail addresses that may result in the receiving of unsolicited commercial email (so called spam).


In his chapter, the author provided an in-depth detail on spyware as well as the types of spyware, as well as all the possible definitions of spyware, and the overview of spyware. The author had also explain the how spyware operates, and talked a little about the target victims of the spyware.

In conclusion, this chapter explain some of the main components of spyware and how they operate. And the next chapter talks about the research framework and hypotheses.



In this chapter the author is going to propose the research framework/model and hypotheses to explore the user's perception about privacy, self efficiency, security, legal framework, spyware knowledge and self-efficiency, trust and cost.


Knowledge here is defined as the user's understanding of, and awareness relating to various spyware and adware related terminology. Individuals who are more knowledgeable about Internet security issues would be more prepared, able and confident in their ability to protect themselves from such risks. In other words, greater knowledge would enhance their self-efficacy (Buchanan et al. 2007; and Dinev and Hu 2007).

Furthermore, the link between higher privacy self-efficacy and greater knowledge about associated terminology such as privacy seals had been previously acknowledged (Rifon, LaRose and Choi 2005).

The survey question about the spyware knowledge consists of five questions. These questions are designed to test the user's knowledge about spyware. Research has shown that if users know about spyware, they find it easy to defend their machines, as stated above.

h3: Spyware knowledge will be positive associated with technical defensive measures.


Without knowingly providing permission for spyware installation, the user is likely to see spyware as a violation of privacy (Sipior 2005). Research on spyware has addressed users' concerns about privacy (Freeman and Urbaczewski 2005; Hu and Dinev 2005; Klang 2004; Lee and Kozar 2005; Poston 2005; Shukla and Nah 2005; Sipior 2005; Stafford and Urbaczewski 2004; Warkentin 2005; and Zhang 2005). Users' knowledge of internet privacy violations was empirically found to be the lowest among knowledge on security issues (Zhang 2005). Online interaction should be addressed, with a focus on user concerns with a software vendor's spyware activities resulting from actual use of that vendor's application software.

According to Cheung and Lee (2000), Perceived Privacy Control should be included to address software vendor control over privacy protection. Perceived Privacy Control refers to the users' perception of the software vendor protecting, from unauthorized use or disclosure, users' personal information collected during software use. The users will be hypothesized with a high degree of Perceived Privacy Control, and their overall trust on software vendors may increase.

The survey question about the spyware privacy control consists of five questions. These questions are designed to see how the users value their privacy and so on.

h3: Perceived Privacy Control will be positive associated with technical defensive measures.


According to Ames (2004), spyware is a relatively new malware related with security thread. Predo (2006) stated that the FBI estimated that only in 2005 around $67 billion was lost to cybercriminals.

This means that they are programs that enter your system without any authorization causing severe security exposure and risk. This kind of program can gain complete control over your system, starting whenever the user turns on the system. Halderman (2006) supports this motion by stating that these kind programs can sniff the system for any desired data and can transmit anything to outside source.

Spyware effect or attack on computer and mobile devices from different levels. The levels vary from low to high security risks for individuals and corporations.

McFedries (2005) believes that any system that is exposed to the internet, using well-known services can become a spyware victim. Symptoms might appear, depending on which form of spyware they have encountered.

The survey questions about the security thread consist of six questions. This study examines the user's perception on spyware security threat and whether or not it influences technical defensive measures among users.

H3: Security Effect will be positive associated with technical defensive measures.


Self-efficacy reflects the belief in one's ability to accomplish desirable goals. Greater knowledge and experience operating within a given environment may serve to increasing individual's belief in accomplishing goals. In the spyware context, those with greater self-efficacy are more likely to protect themselves against spyware. The relationship between self efficacy and confidence constructs has been widely acknowledged in contexts ranging from career decision making (Borgen and Betz 2008; Paulsen and Betz 2004), alcohol abuse (Demmel, Nicolai and Jenko 2006), and negotiations (Sullivan, O'Connor and Burris 2006). Bandura (1997) defines self efficacy as one's ability to organize and execute a specific course of action.

Previously, self-efficacy has also been found to be a powerful predictor of Internet usage and computer software adoption (Dinev and Hu 2007; Eastin and LaRose 2000).

Specifically in the spyware content, users with greater self-efficacy have been shown to adopt technical defense measures such as antivirus and antispyware software (Dinev and Hu 2007).

The survey question about the spyware privacy control consists of three questions. These questions are designed to see how confident are the user's when it comes to protecting themselves against spyware attack.

H4: Self Efficiency will be positive associated with technical defensive measures.


Previous spyware research has concluded that at its worst, spyware is a computer crime with uncertain legal consequences (Hu and Dinev 2005). The U.S. government is investigating the legitimacy of spyware (Sipior et al. 2005). However, “regulations are rudimentary” (Stafford and Urbaczewski 2005). Nonetheless, users expect industry and government to regulate problematic spyware (Freeman and Urbaczewski 2005). To assess user perceptions of legal protection, the Legal Framework variable, according to Cheung and Lee (2000), is included in this study. The author hypothesized that users who believe the U.S. legal system protects software users will trust the software vendor.

The survey question about the spyware legal framework consists of two questions. These questions are designed to test the user's knowledge about the legal framework of spyware.

H5: Legal Framework will be positive associated with technical defensive measures.


Trust is regarded as an emerging central aspect in the acceptance of technology (Gefen 2002). While previous research on spyware has recognized the importance of trust (Awad and Fitzgerald 2005; Hu and Dinev 2005; Klang 2004; Lee and Kozar 2005; Shukla and Nah 2005), trust was not empirically evaluated.

Trust has been conceptualized as Trustworthiness and Overall Trust. Trustworthiness is a set of specific beliefs including Integrity, Benevolence, and Ability of another entity (Doney and Cannon 1997; Ganesan 1994; Gefen and Silver 1999; Jarvenpaa and Tractinsky 1999). The general belief that another entity can be trusted (Gefen 2000) is referred to as Overall Trust. The set of specific beliefs are considered to be antecedents to the general belief (Jarvenpaa and Tractinsky 1999; Mayer and Davis 1999; Mayer et al. 1995). Based on previous empirical research on the role of trust in the acceptance of commercial websites (Gefen 2002; Jarvenpaa and Tractinsky 1999; Reichheld and Schefter 2000), we expect a user's view of the trustworthiness of a software package to affect their overall trust of the software e.g: anti-virus or anti-spyware.

H6: Trustworthiness and Trust in Vendor will be positive associated with technical defensive measures.


The author proposes the research model presented in Figure 3.1 below based on previous spyware research. Seven variables and the relationship between them are identified, including the spyware knowledge, the user's belief that the software vendor is trustworthy, the user's perception of being able to control information privacy, the user's perceptions of the protection afforded by existing spyware laws, the user's perception on the security threat, the user's perception their self-efficiency, technical defensive measures. Consistent with previous research the user's perceived control over privacy, and the user's belief that the U.S. legal system protects internet users, The spyware knowledge leads to self-efficiency on the user's, who in turn protect themselves against spyware attack, The security threat that threatens the privacy of the user's. These variables are expected to decision there by implementing defensive measures or increasing their defensive measures. These variables are discussed as they relate to the growth of spyware, which increases its impact on computers and mobile devices.

The purpose of this study is to answer the following research questions:

  • What are the factors influencing spyware growth among users?
  • What are the theoretical models used and extended in previous studies of spyware?


According to Hu and Dinev (2005), users' that encounter spyware are likely to take steps to protect themselves. Usually, such defensive measures are pursued quickly because users may perceive little control over spyware. Different individuals would most likely take different approaches to protecting themselves.

The defensive measures employed by Internet users can be broadly classified into two types. The first and more common method is Technical Defensive Measures which is the installation of antivirus and firewall packages. These measures require the explicit installation of software packages that are specifically designed to prevent spyware and adware infections.

The second approach Tactical Defensive Measures which is risk avoidance. These measures require the explicit installation of software packages that are specifically designed to prevent spyware and adware infections.


In conclusion, these chapter discuses the research framework developed and the research model as well. The hypotheses of this research paper have also being presented in this chapter. It also explains the defensive measures which will help the user to protect their computers and mobile devices from spyware attack. The defensive measures don't guarantee you that your system will not be affected by spyware but it reduces the risk of getting attack by spyware.

The following chapter will discuss on the research methodology.



The purpose of this chapter is to provide an in-depth explanation of the research method adopted in conducting the research. In this chapter, research methodology will be explain in detail, research design, geographical location of the study, method used for data collection, sampling techniques and the methods of analysis will all be covered in this chapter. This chapter is of great importance to this research because it emphasizes on the adopted methods used to answer research questions.

At the end of the chapter, questionnaire survey will be conducted and the questionnaire will be developed. The questionnaire administration and collection will also be discussed. Finally, the methods and instrument which will be used to analyze the data collected will also be discussed.


There are two types of research methodologies, which are qualitative methodologies and quantitative methodologies. However, some researchers prefer qualitative over quantitative approaches of vice versa. Qualitative data analysis describes and summarizes the mass of words generated in interviews or observational data based on its topology. This will allow the author to find the relationships between various themes that have been identified. On the other part quantitative methodology is applied for the data analysis collected from the questionnaires.

In this research paper, both quantitative and qualitative are been used. Quantitative is used since some interview will be conducted, will the presence questionnaire means qualitative is also used.

This means this research is conducted based on a triangulation approach. It is called triangulation approach because more than one data collection technique is been used in conducting the research.


The location of this research was Malaysia. The researcher wanted to conducts interviews in many countries but due to lack of time and resources he decided to stick with Malaysia. The research was conducted between students and employees, which are picked randomly from many schools and organizations. However this study is not claiming that the few interviews and questionnaires distributed represent the Malaysian nation in all matter. But it will give us an idea about the responds of the Malaysian people.


The main purpose of this research is to investigate and examine the factors that influence the technical defensive measures on spyware in computers and mobile devices. Due to this issue, a questionnaire is chosen as the source of data collection.


A sampling plan requires several steps in its process with the first step being the definition of the population. The research is aimed to obtain users reaction and knowledge towards spyware. Therefore, the target population will be the general public, including students and lecturers. Half of the questionnaire will be distributed among those that have knowledge about spyware, while the other half will distributed between those that don't have an idea what spyware is and how it can affect them.

Random sampling, a type of probability sampling will be the sampling method which will be used in this research. Random sampling requires that the subject to be randomly from the target population, which means that everyone will have equal chance of being selected. This means that anyone among the target population can be chosen.

Descriptive statistics will be used on the data to test for the factors influencing technical defensive measures. These descriptive statistics will show the frequency, percentage and the mean of each variable.

Multiple regression analysis will be use to test theoretical mode as this technique is useful in analyzing the relationship between single dependent variable and several independent variables (Hair, 2006).

The sample size for this research is 200 respondents that include university students, lecturers, and others. The main purpose for distributing two hundred questionnaires is to get as many responds as possible which can help give a correct result. Therefore by distributing 200 questionnaires the author can able to reach at least one hundred respondents.


There are two main methods available for data collection, the primary and secondary data collection methods.

4.6.1 Primary Data

This research used quantitative data in the form of questionnaires. There are two types of questionnaires involved in this research the first type of questionnaire is purposely for the general public that know what spyware is while the other is for general public who don't know what spyware does.

The quantitative data in form of questionnaires consist of close and open ended questions, both the questionnaire cover relevant areas needed for the research which is designed to collects information from general public.

Questionnaire was selected as a quantitative method for collecting data because it is a scientific instrument for gathering reliable and valid information for some purpose(s) (Oppenheim 1966).

Developing a research questionnaire is a bottom up process. This emerges from consultations with people in the field, from people who are involved with the issue, and from those who have an interest in learning more about it. Therefore it will be data originated by the author for the specific purpose of addressing the research problem.

In addition to that an interview will also be conducted among the general public especially those that had experience about spyware to help get a correct result.

4.6.2 Secondary Data

This refers to data that have been already collected and analyzed by other people. As for the secondary sources of data in this study, literature reviews is being conducted. This is made up of references from journals, articles, textbooks, dissertations, online papers and many others. Most of the information in the literature review can be found online due to the easy accessibility of the internet and its cheap cost, while IEEE and journals of applied sciences. The main purpose of retrieving these data is to find a basis for the research and acknowledge the work of experts who had contributed to the pertinent literature on the subject matter.


A questionnaire which was developed in English that was self-administered, done in Malaysia and pre-tested before distribution ensures the accomplishment of the research.

During the pre-test session, a small group of 10 people had reviewed the questionnaire including the author's supervisors and some of his colleagues. This group gave their opinions and some suggestions which were taken into consideration by the author to ensure readability and understanding of each question.

The survey was then revised and the necessary changes were made, and a second pre-test is done on another population of 10 students and the author's supervisor. The results collected are analyzed. As there are no more changes required from the second pretest, the forms/questionnaires are being distributed to the target population.

The survey was distributed with the help of friends and also supervisor. Some few questionnaires ware send online to some selected school and friends through email.

A total of 200 questionnaires are distributed and the author is still waiting to collect some of the remaining surveys.


4.8.1 Independent variables

The independent variables were selected based on factors derived from previous studies. The questions were modified to fit the context of the current topic “spyware”.

There are six independent variables used in this study, namely spyware knowledge, perceived privacy control, self-efficiency, security effect, trustworthiness and legal framework. Each of these variables has between two to six questions. There are many questions because it is better to have many questions to reduce biasness of responds.

A total of 25 questions were developed for the six factors that are being studied. All the questions were measured using the five Likert scale. Where the first one stands for strongly disagree, the second one stands for disagree, the third one stands for neutral, the fourth one stands for agree and the fifth one stands for strongly agree.

4.8.2 Dependent Variables

A total of two questions were developed to measure the technical defensive measure on spyware. All the questions were also measured using the five Likert scale. Where the first one stands for strongly disagree, the second one stands for disagree, the third one stands for neutral, the fourth one stands for agree and the fifth one stands for strongly agree.

The data that were collected from the questionnaire were then analyzed using the SPSS (Statistical Package for Social Science).


The survey has eight main sections with a brief introduction given at the start of the survey. The first section entitled Background collects the demographics information of the respondents by giving five questions consisting of gender, age, their occupation, their nationality, and their educational status. All the questions will answer by ticking.

The second section is entitled Spyware Knowledge, it collects the users' perception on how well they know spyware. The survey consists of five questions namely, spyware interferes with the use of internet and their machines, spyware affects the functionality of the system, spyware steal information with or without the knowledge of the use, spyware bundles with other free software, and spyware reduces the performance of the machine. . All the questions were also measured using the five Likert scale. Where the first one stands for strongly disagree, the second one stands for disagree, the third one stands for neutral, the fourth one stands for agree and the fifth one stands for strongly agree.

The third section is entitled Perceive Privacy Control, it collects the users' perception on how much they value their privacy. The survey consists of five questions namely, I value my privacy very much, I think spyware is a violation of privacy, spyware collects private information without the users' knowledge, spyware collects online password account, credit card information among others, I don't trust software vendors because they often don't guarantee my privacy. All the questions were also measured using the five Likert scale. Where the first one stands for strongly disagree, the second one stands for disagree, the third one stands for neutral, the fourth one stands for agree and the fifth one stands for strongly agree.

The fourth section is entitled Security Effect, it collects the users' perception on the level of security threat spyware can be. The survey consists of six questions namely, Peer-to-peer file sharing plays a role in the distribution of spyware, Spyware discloses or transfers information to third party, Spyware create security risks for or cause harm to businesses, Users won't know if spyware is being placed on their personal computers, Spyware exposes my system to increase risk of hackers, Businesses lose their confidential data and reputation to spyware attack. All the questions were also measured using the five Likert scale. Where the first one stands for strongly disagree, the second one stands for disagree, the third one stands for neutral, the fourth one stands for agree and the fifth one stands for strongly agree.

The fifth section is entitled Self Efficiency; it collects the users' perception on how confident they are when it comes to protect their machines against spyware attack. The survey consists of three questions namely, I know what spyware is and what it does to systems, I protect my system using anti-viruses and anti-spywares, before installing any new software in my system, read the privacy policy to avoid unwanted installation. All the questions were also measured using the five Likert scale. Where the first one stands for strongly disagree, the second one stands for disagree, the third one stands for neutral, the fourth one stands for agree and the fifth one stands for strongly agree.

The sixth section entitled Legal Framework; it collects the us

To export a reference to this article please select a referencing stye below:

Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.

Request Removal

If you are the original writer of this dissertation and no longer wish to have the dissertation published on the UK Essays website then please click on the link below to request removal:

More from UK Essays

Get help with your dissertation
Find out more