Automatically Detecting and Removing Malware Using Dynamic Analysis Systems
Authors
Abstract
This paper presents a system that detects unknown malware on user PCs and automatically creates tools that restore the PCs to their pre-infection states. The system integrates with dynamic malware analysis systems to detect malware, and creates remediation tools based on the analysis reports. Using the behavior information in the reports, the remediation tools not only delete the malware, but also revert the modifications. The system prototype provides a remediation tool within a few minutes after receiving a malware file.
Similar resources
DyVSoR: dynamic malware detection based on extracting patterns from value sets of registers
To control the exponential growth of malware files, security analysts pursue dynamic approaches that automatically identify and analyze malicious software samples. Obfuscation and polymorphism employed by malware make it difficult for signature-based systems to detect sophisticated malware files. Dynamic analysis of run-time behavior provides a better technique to identify the threat. In t...
Revolver: An Automated Approach to the Detection of Evasive Web-based Malware
In recent years, attacks targeting web browsers and their plugins have become a prevalent threat. Attackers deploy web pages that contain exploit code, typically written in HTML and JavaScript, and use them to compromise unsuspecting victims. Initially, static techniques, such as signature-based detection, were adequate to identify such attacks. The response from the attackers was to heavily ob...
Identifying the software and their families using the exploration techniques of sequential patterns in dynamic analysis
Nowadays, crypto-ransomware is considered one of the biggest threats in cybersecurity. Crypto-ransomware removes data access by encrypting valuable data and requests a ransom payment to allow data decryption. As ransomware is still new in the field of cybersecurity, there are few pieces of research focusing on detecting ransomware samples. Most published works considered System File and process...
BareCloud: Bare-metal Analysis-based Evasive Malware Detection
The volume and the sophistication of malware are continuously increasing and evolving. Automated dynamic malware analysis is a widely-adopted approach for detecting malicious software. However, many recent malware samples try to evade detection by identifying the presence of the analysis environment itself, and refraining from performing malicious actions. Because of the sophistication of the t...
Harvesting Runtime Values in Android Applications That Feature Anti-Analysis Techniques
It is generally challenging to tell apart malware from benign applications. To make this decision, human analysts are frequently interested in runtime values: targets of reflective method calls, URLs to which data is sent, target telephone numbers of SMS messages, and many more. However, obfuscation and string encryption, used by malware as well as goodware, often not only render human inspecti...