An Experimental Analysis of Windows Log Events Triggered by Malware
| Field | Value |
|---|---|
| Title | An Experimental Analysis of Windows Log Events Triggered by Malware |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Sainju, Arpan Man; Atkison, Travis |
| Conference Name | Proceedings of the SouthEast Conference |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-5024-2 |
| Keywords | composability, digital forensics, Metrics, pubcrawl, Resiliency, security, survey, Windows Log Events, Windows operating system, windows operating systems security |
| Abstract | According to the 2016 Internet Security Threat Report by Symantec, there are around 431 million variants of malware known. This effort focuses on malware used for spying on users' activities, remotely controlling devices, and identity and credential theft within a Windows-based operating system. As Windows operating systems create and maintain a log of all events that are encountered, various malware are tested on virtual machines to determine what events they trigger in the Windows logs. The observations are compiled into Operating System specific lookup tables that can then be used to find the tested malware on other computers with the same Operating System. |
| URL | http://doi.acm.org/10.1145/3077286.3077295 |
| DOI | 10.1145/3077286.3077295 |
| Citation Key | sainju_experimental_2017 |