Abstract: The entire transaction chain, from swiping a card to a bank's ability to process a transaction, has now become the main focus of cybercriminals. In order to infiltrate or gain access to this type of data exchange, they have developed new attack vectors for delivering malicious payloads, aimed at compromising one of the parties engaged in a transaction. Since the weakest link in the security chain is often the human component, cybercriminals often exploit human curiosity or lack of knowledge to infiltrate, steal, and manipulate online transactions.
Keywords: malware, cyber attack, vector of infections, financial institution, vulnerability.
1. General frame - introductory notions
The process through which a malware¹ is implanted to infect a system for storing, processing and transmitting information is called the vector of infection, and it differs depending on the transmission channel used and the victim profile. While malware is the malicious software itself, the vector of infection is the method used to propagate the malware or to infect other information systems.
Fred Cohen³, known as the founder of defense techniques against attacks by viruses, says in the article "Computer Viruses - Theory and Experiments"⁴ that under theoretical ideal conditions, it is virtually impossible to detect malware. However, its presence may be revealed by the effects it has on infected systems, although this means losses may be incurred between the time of infection and the implementation of response solutions. Attackers often have access to the same resources as professionals working in the security industry. They can test exploits⁵ and malware versions and make the changes needed to avoid alerting security solutions when attacking the intended target.
In over 60% of security incidents⁶, the attackers succeeded in compromising the organisation's systems in only a few minutes, depending on the time allocated to investigating the infrastructure in order to intrude successfully. The number of security breaches discovered within only a few days of the event is much smaller than the time attackers need to compromise an infrastructure. The graph in figure no. 1 shows the detection deficit between the number of attacks and the ability to identify them as soon as possible.
2. Types of malware
The⁷ general term...