Payload

In both telecommunications and computing, the payload is the portion of a transmitted data packet that holds the actual message.[1] Network protocols often set a maximum limit on the length of the payload. In the context of malware, the payload typically refers to the malicious code that may harm the targeted user.[2] A wide range of methods can be used to distribute malware payloads, including worms, emails, phishing, and many other digital delivery mechanisms. Virtual terrorists apply a two-phase method to bypass a system's defenses: they keep the payload, the part that causes the damage to the victim, separate from the infection vector. However, malware payloads are not bound by the specified maximum-size limits that apply to packet payloads.

Functionality

IP Packet Payload

An IP packet might have a payload that carries a command issued by the end user, such as a request for web content. Commonly, it will carry a payload consisting of the actual data transmitted by a server in response to the user's request. The relevant protocol specification usually sets the limit on the payload of a protocol data unit (PDU). For IP packets, the Total Length field in the header limits the maximum size of the payload. This field is 16 bits long, so it can represent 2 to the power of 16 distinct values, which means the highest possible value for the length of the packet is 65,535 bytes, minus the number of bytes required for the packet header.[2:1]

When data packets are sent over the internet, each unit is transmitted with both its header information and its payload. The header is the part that identifies the data packet's origin and destination address. The message being relayed is the payload. Since the header information, or overhead data, is only used in the process of transmission, the receiving end no longer sees it once the data packet has reached its destination. Thus, the payload is the only data that will be received by the destination system.

Network protocol payload limits are also significant because they can affect the performance of the protocol.[1:1] Smaller payloads mean that more packets must be created and transmitted for a given volume of data. Larger payloads cut down on the need to generate more packets, but they require a fast and stable network environment that is capable of delivering large volumes of data without the delays caused by errors or transient network conditions.
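The header/payload split and the size limits described above, as an added example that is not part of the original article: it parses a raw IPv4 packet, uses the 16-bit Total Length field to separate payload from header, and counts the packets needed for a volume of data. The addresses, payload bytes and the payload sizes 1460 and 536 are constructed sample values.

```python
import ipaddress
import math
import struct

MAX_TOTAL_LENGTH = 0xFFFF  # largest value a 16-bit Total Length field can hold: 65,535


def split_ipv4(packet: bytes):
    """Split a raw IPv4 packet into (header fields, payload bytes)."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte IPv4 header")
    ver_ihl, _tos, total_len, _id, _frag, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, header_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or header_len < 20:
        raise ValueError("not a valid IPv4 header")
    # A Total Length that exceeds the bytes received means a truncated or forged packet.
    if not header_len <= total_len <= len(packet):
        raise ValueError("Total Length disagrees with the bytes received")
    header = {
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "protocol": proto, "ttl": ttl,
        "header_len": header_len, "total_len": total_len,
    }
    # Bytes past total_len (for example link-layer padding) are not payload.
    return header, packet[header_len:total_len]


def max_payload(header_len: int = 20) -> int:
    """Largest payload that fits once the header is subtracted from 65,535."""
    return MAX_TOTAL_LENGTH - header_len


def packets_needed(data_len: int, payload_size: int) -> int:
    """Number of packets required to carry data_len bytes at a given payload size."""
    return math.ceil(data_len / payload_size)


def build_sample(payload: bytes) -> bytes:
    """Constructed sample packet (checksum left as 0; it is not verified here)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0, 64, 6, 0,
                      ipaddress.IPv4Address("192.0.2.10").packed,
                      ipaddress.IPv4Address("198.51.100.7").packed)
    return hdr + payload


if __name__ == "__main__":
    print(split_ipv4(build_sample(b"GET / HTTP/1.1\r\n\r\n") + b"\x00" * 4))
    print(max_payload(), packets_needed(1_000_000, 1460), packets_needed(1_000_000, 536))
```

Rejecting packets whose Total Length disagrees with the received byte count is the check a parser needs before it trusts the payload boundary.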

The payload is the part that carries the private user text, and it could also contain malware such as worms or viruses that perform malicious actions such as deleting data, sending spam or encrypting data. In addition to the payload, such malware also typically has overhead code aimed simply at spreading itself or avoiding detection. In computer networking, on the other hand, the data to be transmitted is considered the payload, but it is most of the time encapsulated in some frame composed of framing bits and a frame check sequence. Examples include Ethernet frames, Point-to-Point Protocol frames, Fibre Channel frames, and V.42 modem frames.[1:2]

Malware Payload

The payload also refers to the component of a computer virus that executes a malicious activity.[3]

Viruses that carry a larger payload are also more harmful to a digital system. Some viruses copy themselves from one computing device to another. Other viruses may steal data or files, permit eavesdropping or unauthorized access, destroy data, or cause other consequences. It is also possible for a virus to carry multiple payloads. Currently, malware is less likely to incorporate a payload that causes damage to the files in the system; instead, it enables backdoor access to a user's computer and the theft of sensitive information.

Below are some of the ways to execute a destructive payload:[2:2]

  • By using an unprotected computer (computer without an anti-virus installed) connected to a network.
  • By booting the computer using an infected removable medium.
  • By opening an infected file.
  • By executing an infected program.
  • By activating a logic bomb.

  1. https://searchsecurity.techtarget.com/definition/payload

  2. https://techterms.com/definition/payload

  3. https://www.techopedia.com/definition/5381/payload