Investigation of Possibilities to Detect Malware Using Existing Tools
| Field | Value |
|---|---|
| Author | Refik Samet, Omer Aslan |
| Contributors | To be determined |
| Language | English |
| Year of publication | 2017 |
| Subject | 021110 Strategic, defence & security studies; Software_OPERATINGSYSTEMS; Computer science; 0211 Other engineering and technologies; Evasion (network security); 020206 Networking & telecommunications; Denial-of-service attack; Static program analysis; 02 Engineering and technology; Intrusion detection system; Static analysis; Computer security; computer.software_genre; ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS; Sandbox (computer security); 0202 Electrical engineering, electronic engineering, information engineering; Malware; Malware analysis; computer; Malware Analysis; Malware Detection; Static and Dynamic Analysis Tools; Malware Accuracy and Detection Rate |
| Source | AICCSA |
| Description | Malware stands for malicious software, which is installed on a computer system without the knowledge of the system owner. It performs malicious actions such as stealing confidential information and allowing remote code execution, and it can cause denial of service. Recently, malware creators started to publish new malware that can bypass anti-malware software, intrusion detection systems (IDS) and sandbox execution. Because of this evasion, protecting computer networks and computerized systems against such programs has become one of the biggest challenges in the information security realm. This paper proposes a methodology to learn the well-known malware analysis and detection tools, to apply these tools to well-known malware and benign programs, and to compare the obtained results. Further, this research suggests to users how to analyze and detect existing and unknown malware. In a test case, 100 malware and 100 benign program samples were collected from different sources and analyzed under different versions of Windows machines. The test results indicated that it is almost impossible to detect malware by using only one tool. Using static and dynamic analysis tools together increased accuracy and the detection rate. The test results also showed that dynamic malware analysis tools outperformed static analysis tools. |
| Database | OpenAIRE |
| External link | |