The Making of Indicator of Compromise using Malware Reverse Engineering Techniques
Title | The Making of Indicator of Compromise using Malware Reverse Engineering Techniques |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Akram, B., Ogi, D. |
Conference Name | 2020 International Conference on ICT for Smart Society (ICISS) |
Date Published | Nov. 2020 |
Publisher | IEEE |
ISBN Number | 978-0-7381-4355-2 |
Keywords | BIOS, Computer architecture, Human Behavior, indicators of compromise, Malware, malware analysis, Malware Threat, Metrics, Packed Malware, Predictive Metrics, privacy, pubcrawl, resilience, Resiliency, reverse engineering, Scalability, security, Software, static analysis, Tools |
Abstract | Malware threats often go undetected immediately, because attackers can camouflage well within the system. The users realize this after the devices stop working and cause harm for them. As one way to deceive malicious content detection, malware authors use packers. Malware analysis is an activity to gain knowledge about malware. Reverse engineering is a technique used to identify and deal with new viruses or to understand malware behavior. Therefore, this technique can be the right choice for conducting malware analysis, especially for malware with packers. The results of the analysis are used as a source for creating indicators of compromise in the YARA rule format. A YARA rule is used as a component for detecting malware using the indicators obtained in the analysis process. |
URL | https://ieeexplore.ieee.org/document/9307581 |
DOI | 10.1109/ICISS50791.2020.9307581 |
Citation Key | akram_making_2020 |