The purpose of the research is to improve the protection of modern information systems by developing effective mechanisms against external attacks.
A review of malware found in 2013 was carried out, with special attention paid to targeted attacks. The technologies that advanced malware samples use to spread, to penetrate systems, to conceal their presence in those systems, and to complicate their research and analysis were analyzed. The vulnerabilities of network services in Microsoft Windows XP and Windows 7, as well as the vulnerabilities of popular Internet browsers, were also analyzed.
Models of software vulnerabilities and of the features of the investigated malware samples were developed. The developed models demonstrate how the vulnerabilities are exploited and help in understanding the methods used to bypass security mechanisms.
Fixes (patches) for the investigated vulnerabilities were analyzed by comparing the binary program code before and after installation of the patches. The source code defects that give rise to the vulnerabilities are illustrated. The possibility of further exploitation of the vulnerabilities after the patches are installed was investigated.
The results can be used to analyze software samples for hidden malicious functionality and to develop protection of information systems against malicious software, including protection against targeted attacks.