A case study on Stuxnet and Flame Malware

Author

  • K F Morton
Abstract

A vast number of malware samples are packed by packers. Obfuscation tools are not only cost-effective and readily available but also provide effective camouflage for malware code. Unpacking and analyzing the malicious code may appear to be the optimum solution to this problem, but given the gigantic number of malware samples released every single day, this is not an easy piece of work for security companies and researchers. In this paper we aim to provide a comprehensive summary of the packer problem with a practical demonstration of their effectiveness, and we review various generic techniques to handle this problem.

Key-Words: malware, packers, obfuscation, reverse engineering, analysis, Stuxnet, Flame


Similar resources

The Cousins of Stuxnet: Duqu, Flame, and Gauss

Stuxnet was the first targeted malware that received worldwide attention for causing physical damage in an industrial infrastructure seemingly isolated from the online world. Stuxnet was a powerful targeted cyber-attack, and soon other malware samples were discovered that belong to this family. In this paper, we will first present our analysis of Duqu, an information-collecting malware sharing ...

Rosco: Repository of Signed Code

Recent targeted malware attacks, e.g. Stuxnet, Duqu and Flame, have used digitally signed components that appeared to originate from legitimate software makers. These attacks were possible because the standard signature verification procedures do not allow for detecting key compromise and fake certificates. In this paper, we propose a solution to this problem. More specifically, we introduce...

Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant?

Although mechanical failures or operational problems have often been discussed as causing problems in the IR-1 centrifuges, the crashing of such a large number of centrifuges over a relatively short period of time could have resulted from an infection of the Stuxnet malware. This malicious code seeks to take over an industrial control system in order to destroy equipment while hiding its presen...

Preparing for Cyber-attacks on Air Traffic Management Infrastructures: Cyber-safety Scenario Generation

Malware poses a growing threat to a host of safety-critical systems that depend on common software components, including the Linux operating system and the Internet Protocol (IP). Threats include ‘mass market’ malware that is not deliberately aimed at safety-related systems. They also include more sophisticated techniques exploited by W32.Stuxnet, W32.Duqu, W32.Flame etc. Previous work in this ...

Duqu: Analysis, Detection, and Lessons Learned

In September 2011, a European company sought our help to investigate a security incident that happened in their IT system. During the investigation, we discovered a new malware that was unknown to all mainstream anti-virus products, however, it showed striking similarities to the infamous Stuxnet worm. We named the new malware Duqu, and we carried out its first analysis. Our findings led to the...


Publication date: 2012