Hybrid Real-time Zero-day Malware Analysis and Reporting System

Authors: Ratinder Kaur, Maninder Singh

DOI: 10.5815/IJITCS.2016.04.08

Keywords:

Abstract: There is no fully automated way to understand the malicious intent of a zero-day malware sample. No single analysis approach is best on its own, so existing static, dynamic and manual techniques have to be combined into one unit. In this paper a hybrid real-time zero-day malware analysis and reporting system is presented. The proposed system integrates various tools and utilities in a component-based architecture and automatically produces a detailed report on the malware's behavior. The ultimate goal is to gain a quick, concise understanding of the activity performed by the malware while minimizing the time between detection of the attack and generation of a security solution. Such results are of paramount value to an analyst performing containment.
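To make the component-based idea concrete, the following is an added example (not the authors' system) of a minimal hybrid pipeline: a static component extracts printable strings, URLs and injection-related API names from the binary image, a dynamic component walks an API-call trace from a sandbox run, and a pipeline step merges both into one report with a verdict, extracted indicators, the categories confirmed by both components, and the elapsed analysis time. The sample bytes and the trace are constructed for illustration; the API names, registry key and severity rules are assumptions for the example, not findings from the paper.

```python
import hashlib
import json
import re
import time
from dataclasses import dataclass
from typing import Callable, Dict, List

# Constructed sample: a fake PE-like blob with null-separated strings (not real malware).
SAMPLE_BYTES = (b"MZ\x90\x00" + b"\x00" * 16
                + b"kernel32.dll\x00CreateRemoteThread\x00WriteProcessMemory\x00"
                + b"http://203.0.113.7/stage2.bin\x00"
                + b"Software\\Microsoft\\Windows\\CurrentVersion\\Run\x00")

# Constructed sandbox trace, one API call per line, standing in for a real dynamic run.
SAMPLE_TRACE = """\
RegSetValueExW HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\updater C:\\Users\\Public\\svc.exe
connect 203.0.113.7:443
CreateRemoteThread pid=1234
WriteProcessMemory pid=1234
"""

@dataclass
class Sample:
    data: bytes        # the binary under analysis
    trace: str = ""    # API-call trace from a sandbox run, empty if none was made

@dataclass
class Finding:
    component: str     # which analyzer produced it ("static" / "dynamic")
    category: str      # persistence, network, injection
    indicator: str     # the concrete artefact that triggered the finding
    severity: str      # "medium" for static hints, "high" for observed behaviour

# Assumed indicator rules for the example.
INJECTION_APIS = {"CreateRemoteThread", "WriteProcessMemory", "VirtualAllocEx"}
RUN_KEY = "Software\\Microsoft\\Windows\\CurrentVersion\\Run"
URL_RE = re.compile(rb"https?://[\w./:-]+")
IP_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def static_strings(sample: Sample) -> List[Finding]:
    """Static component: printable strings, imports of interest, URLs, persistence paths."""
    findings = []
    strings = {s.decode() for s in re.findall(rb"[\x20-\x7e]{6,}", sample.data)}
    for s in strings:
        if s in INJECTION_APIS:
            findings.append(Finding("static", "injection", s, "medium"))
        if RUN_KEY in s:
            findings.append(Finding("static", "persistence", s, "medium"))
    for url in URL_RE.findall(sample.data):
        findings.append(Finding("static", "network", url.decode(), "medium"))
    return findings

def dynamic_trace(sample: Sample) -> List[Finding]:
    """Dynamic component: walk the sandbox API trace and flag observed behaviours."""
    findings = []
    seen_apis = set()
    for line in sample.trace.splitlines():
        parts = line.split()
        if not parts:
            continue
        api, args = parts[0], parts[1:]
        seen_apis.add(api)
        if api == "RegSetValueExW" and args and RUN_KEY in args[0]:
            findings.append(Finding("dynamic", "persistence", line, "high"))
        elif api == "connect" and args:
            findings.append(Finding("dynamic", "network", args[0], "high"))
    # Injection is reported only when both halves of the pattern were observed at runtime.
    if {"WriteProcessMemory", "CreateRemoteThread"} <= seen_apis:
        findings.append(Finding("dynamic", "injection",
                                "WriteProcessMemory+CreateRemoteThread", "high"))
    return findings

# Component registry: adding an analyzer means adding one entry here.
COMPONENTS: Dict[str, Callable[[Sample], List[Finding]]] = {
    "static": static_strings,
    "dynamic": dynamic_trace,
}

def run_pipeline(sample: Sample) -> dict:
    """Run every registered component and merge the results into one report."""
    start = time.perf_counter()
    findings: List[Finding] = []
    for analyzer in COMPONENTS.values():
        findings.extend(analyzer(sample))
    # Behaviours backed by both static and dynamic evidence are the most reliable.
    by_category: Dict[str, set] = {}
    for f in findings:
        by_category.setdefault(f.category, set()).add(f.component)
    confirmed = sorted(c for c, comps in by_category.items() if {"static", "dynamic"} <= comps)
    iocs = sorted({ip for f in findings for ip in IP_RE.findall(f.indicator)})
    if any(f.severity == "high" for f in findings):
        verdict = "malicious"
    else:
        verdict = "suspicious" if findings else "clean"
    return {
        "sha256": hashlib.sha256(sample.data).hexdigest(),
        "findings": [f.__dict__ for f in findings],
        "confirmed_categories": confirmed,
        "iocs": iocs,
        "verdict": verdict,
        "analysis_ms": round((time.perf_counter() - start) * 1000, 2),
    }

if __name__ == "__main__":
    print(json.dumps(run_pipeline(Sample(SAMPLE_BYTES, SAMPLE_TRACE)), indent=2))
```

The report separates static hints (medium) from observed behaviour (high) and lists the categories that both components agree on, which is the kind of cross-check the hybrid approach buys; the `analysis_ms` field is the time-to-report figure an operator would want to track when the aim is to shorten the gap between detection and a deployable countermeasure.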
