Visible to the public Biblio

Filters: Keyword is obfuscated malware  [Clear All Filters]
2022-08-12
Ajiri, Victor, Butakov, Sergey, Zavarsky, Pavol.  2020.  Detection Efficiency of Static Analyzers against Obfuscated Android Malware. 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :231–234.
Mobile antivirus technologies incorporate static analysis which involves the analysis of programs without its execution. This process relies on pattern matching against a signature repository to identify malware, which can be easily tricked by transformation techniques such as obfuscation. Obfuscation as an evasion technique renders character strings disguised and incomprehensive, to prevent tampering and reengineering, which poses to be a valuable technique malware developers adopt to evade detection. This paper attempts to study the detection efficiency of static analyzers against obfuscated Android malware. This study is the first step in a larger project attempting to improve the efficiency of malware detectors.
2020-10-26
Samantray, Om Prakash, Tripathy, Satya Narayan, Das, Susanta Kumar.  2019.  A study to Understand Malware Behavior through Malware Analysis. 2019 IEEE International Conference on System, Computation, Automation and Networking (ICSCAN). :1–5.
Most of the malware detection techniques use malware signatures for detection. It is easy to detect known malicious program in a system but the problem arises when the malware is unknown. Because, unknown malware cannot be detected by using available known malware signatures. Signature based detection techniques fails to detect unknown and zero-day attacks. A novel approach is required to represent malware features effectively to detect obfuscated, unknown, and mutated malware. This paper emphasizes malware behavior, characteristics and properties extracted by different analytic techniques and to decide whether to include them to create behavioral based malware signature. We have made an attempt to understand the malware behavior using a few openly available tools for malware analysis.
2015-05-06
Wei Peng, Feng Li, Xukai Zou, Jie Wu.  2014.  Behavioral Malware Detection in Delay Tolerant Networks. Parallel and Distributed Systems, IEEE Transactions on. 25:53-63.

The delay-tolerant-network (DTN) model is becoming a viable communication alternative to the traditional infrastructural model for modern mobile consumer electronics equipped with short-range communication technologies such as Bluetooth, NFC, and Wi-Fi Direct. Proximity malware is a class of malware that exploits the opportunistic contacts and distributed nature of DTNs for propagation. Behavioral characterization of malware is an effective alternative to pattern matching in detecting malware, especially when dealing with polymorphic or obfuscated malware. In this paper, we first propose a general behavioral characterization of proximity malware which based on naive Bayesian model, which has been successfully applied in non-DTN settings such as filtering email spams and detecting botnets. We identify two unique challenges for extending Bayesian malware detection to DTNs ("insufficient evidence versus evidence collection risk" and "filtering false evidence sequentially and distributedly"), and propose a simple yet effective method, look ahead, to address the challenges. Furthermore, we propose two extensions to look ahead, dogmatic filtering, and adaptive look ahead, to address the challenge of "malicious nodes sharing false evidence." Real mobile network traces are used to verify the effectiveness of the proposed methods.