An Infrastructure for Detecting Malware
Not recorded
Abstract
Malware is a program that has malicious intent. Nowadays, attacks from malware are rising at an alarming rate, and thousands of malware programs are injected into the Internet. Malware authors use many techniques, such as obfuscation and packing, to avoid detection. A number of techniques for malware detection are available, but none of them is able to detect all types of malware. In this paper, a more efficient malware detection framework is presented. This framework utilizes the ability of a sandbox to analyze files in an isolated environment. A group of sandboxes is arranged in parallel and processes each incoming file from the Internet to the internal network. A credit is assigned to each operation made by the file under inspection. The report generated by each sandbox is converted into a general intermediate format. The average credit of a specific file is calculated based on the average credit from the individual reports. Files are classified as malicious or
Similar resources
Infrastructure for Detecting Android Malware
Malware for smartphones has skyrocketed in recent years, particularly for Android platforms. To tackle this threat, services such as Google Bouncer have attempted to fight back. However, this was short-lived, since the malware circumvented the service by changing its behavior. Therefore, we propose a malware taxonomy, a survey of attack vectors to better understand the And...
Measuring and Detecting Malware Downloads in Live Network Traffic
In this paper, we present AMICO, a novel system for measuring and detecting malware downloads in live web traffic. AMICO learns to distinguish between malware and benign file downloads from the download behavior of the network users themselves. Given a labeled dataset of past benign and malware file downloads, AMICO learns a provenance classifier that can accurately detect future malware downlo...
Detecting PDF JavaScript Malware Using Clone Detection
Detecting Targeted Smartphone Malware with Behavior-Triggering Stochastic Models
Malware for current smartphone platforms is becoming increasingly sophisticated. The presence of advanced networking and sensing functions in the device is giving rise to a new generation of targeted malware characterized by greater situational awareness, in which decisions are made on the basis of factors such as the device location, the user profile, or the presence of other apps. This complic...
On the Effectiveness of Virtualisation Assisted View Comparison for Rootkit Detection
There is growing interest in tools for monitoring virtualisation infrastructure and detecting malware within Virtual Machines (VMs). View comparison, or crossview validation, is a technique for detecting object hiding by malware. It involves comparing different views of system objects to find discrepancies that might indicate the use of object hiding techniques. We present Linebacker, a system ...
Security considerations related to the use of mobile devices in the operation of critical infrastructures
An increasing number of attacks by mobile malware have begun to target critical infrastructure assets. Since malware attempts to defeat the security mechanisms provided by an operating system, it is of paramount importance to understand the strengths and weaknesses of the security frameworks of mobile device operating systems such as Android. Many recently discovered vulnerabilities suggest tha...