Bytecode Heuristic Signatures for Detecting Malware Behavior

Authors: Gheorghe Hajmasan, Alexandra Mondoc, Octavian Cret

DOI: 10.1109/NEXTCOMP.2019.8883668


Abstract: For a long time, the most important approach for detecting malicious applications was the use of static, hash-based signatures. This provides fast response, has low performance overhead and is very stable due to its simplicity. However, with the rapid growth in the number of malware, as well as their increased complexity in terms of polymorphism and evasion, the era of reactive security solutions started to fade in favor of new, proactive approaches such as behavior based detection. We propose a novel approach that uses an interpreter virtual machine to run heuristics from bytecode signatures, thus combining advantages detection those Based on our approximation, using this approach we succeeded to reduce by 85% the time required to update the solution to detect new threats, while continuing to benefit from the versatility of heuristics.

References (13)
Grégoire Jacob, Hervé Debar, Eric Filiol. Malware Behavioral Detection by Attribute-Automata Using Abstraction from Platform and Language. Recent Advances in Intrusion Detection, pp. 81-100 (2009). DOI: 10.1007/978-3-642-04342-0_5
Engin Kirda, Paolo Milani Comparetti, Christopher Kruegel, Clemens Kolbitsch, Xiaoyong Zhou, XiaoFeng Wang. Effective and efficient malware detection at the end host. USENIX Security Symposium, pp. 351-366 (2009).
Weiqin Ma, Pu Duan, Sanmin Liu, Guofei Gu, Jyh-Charn Liu. Shadow attacks: automatically evading system-call-behavior based malware detection. Journal of Computer Virology and Hacking Techniques, vol. 8, pp. 1-13 (2012). DOI: 10.1007/S11416-011-0157-5
Ammar Ahmed Elhadi, Mohd Aizaini Maarof, Bazara Barry. Improving the Detection of Malware Behaviour Using Simplified Data Dependent API Call Graph. International Journal of Security and Its Applications, vol. 7, pp. 29-42 (2013). DOI: 10.14257/IJSIA.2013.7.5.03
Philip O'Kane, Sakir Sezer, Kieran McLaughlin. Obfuscation: The Hidden Malware. IEEE Symposium on Security and Privacy, vol. 9, pp. 41-47 (2011). DOI: 10.1109/MSP.2011.98
Hisham Shehata Galal, Yousef Bassyouni Mahdy, Mohammed Ali Atiea. Behavior-based features model for malware detection. Journal of Computer Virology and Hacking Techniques, vol. 12, pp. 59-67 (2016). DOI: 10.1007/S11416-015-0244-0
Marco Ramilli, Matt Bishop, Shining Sun. Multiprocess malware. International Conference on Malicious and Unwanted Software, pp. 8-13 (2011). DOI: 10.1109/MALWARE.2011.6112320
Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng Liu, Bing Mao. Impeding behavior-based malware analysis via replacement attacks to malware specifications. Journal of Computer Virology and Hacking Techniques, vol. 13, pp. 193-207 (2017). DOI: 10.1007/S11416-016-0281-3
Mathias Payer, Kyriakos K. Ispoglou. malWASH: washing malware to evade dynamic analysis. WOOT'16 Proceedings of the 10th USENIX Conference on Offensive Technologies, pp. 106-117 (2016).
Gheorghe Hajmasan, Alexandra Mondoc, Octavian Cret. Dynamic behavior evaluation for malware detection. 2017 5th International Symposium on Digital Forensic and Security (ISDFS), pp. 1-6 (2017). DOI: 10.1109/ISDFS.2017.7916495