Biblio

In today's world, the word malware is synonymous with mysterious programs that spread havoc and sow destruction upon the computing system it infects. These malware are analyzed and understood by malware analysts who reverse engineer the program in an effort to understand it and provide appropriate identifications or signatures that enable anti-malware programs to effectively combat and resolve threats. Malware authors develop ways to circumvent or prevent this analysis of their code thus rendering preventive measures ineffective. This paper discusses existing analysis subverting techniques and how they are overcome by modern analysis techniques. Further, this paper proposes a new method to resist traditional malware analysis techniques by creating a split-personality malware variant that uses a technique known as shadow attack. The proposal is validated by creating a malware dropper and testing this dropper in controlled laboratory conditions as a part of the concept of proactive defense.

In this digital age, almost every system and service has moved from a localized to a digital environment. Consequently the number of attacks targeting both personal as well as commercial digital devices has also increased exponentially. In most cases specific malware attacks have caused widespread damage and emotional anguish. Though there are automated techniques to analyse and thwart such attacks, they are still far from perfect. This paper identifies optimal features, which improves the accuracy and efficiency of the classification process, required for malware classification in an attempt to assist automated anti-malware systems identify and block malware families in an attempt to secure the end user and reduce the damage caused by these malicious software.