7,610 research outputs found
The Malaise of the Administrative Process
Computer viruses uses a few different techniques, with various intentions, toinfect files. However, what most of them have in common is that they wantto avoid detection by anti-malware software. To not get detected and stay unnoticed,virus creators have developed several methods for this. Anti-malwaresoftware is constantly trying to counter these methods of virus infections withtheir own detection-techniques. In this paper we have analyzed the differenttypes of viruses and their infection techniques, and tried to determined whichworks the best to avoid detection. In the experiments we have done we havesimulated executing the viruses at the same time as an anti-malware softwarewas running. Our conclusion is that metamorphic viruses uses the best methodsto stay unnoticed by anti-malware software’s detection techniques
Malware "Ecology" Viewed as Ecological Succession: Historical Trends and Future Prospects
The development and evolution of malware including computer viruses, worms,
and trojan horses, is shown to be closely analogous to the process of community
succession long recognized in ecology. In particular, both changes in the
overall environment by external disturbances, as well as, feedback effects from
malware competition and antivirus coevolution have driven community succession
and the development of different types of malware with varying modes of
transmission and adaptability.Comment: 13 pages, 3 figure
Using Verification Technology to Specify and Detect Malware
Computer viruses and worms are major threats for our computer infrastructure, and thus, for economy and society at large. Recent work has demonstrated that a model checking based approach to malware detection can capture the semantics of security exploits more accurately than traditional approaches, and consequently achieve higher detection rates. In this approach, malicious behavior is formalized using the expressive specification language CTPL based on classic CTL. This paper gives an overview of our toolchain for malware detection and presents our new system for computer assisted generation of malicious code specifications
Malware Detection Module using Machine Learning Algorithms to Assist in Centralized Security in Enterprise Networks
Malicious software is abundant in a world of innumerable computer users, who
are constantly faced with these threats from various sources like the internet,
local networks and portable drives. Malware is potentially low to high risk and
can cause systems to function incorrectly, steal data and even crash. Malware
may be executable or system library files in the form of viruses, worms,
Trojans, all aimed at breaching the security of the system and compromising
user privacy. Typically, anti-virus software is based on a signature definition
system which keeps updating from the internet and thus keeping track of known
viruses. While this may be sufficient for home-users, a security risk from a
new virus could threaten an entire enterprise network. This paper proposes a
new and more sophisticated antivirus engine that can not only scan files, but
also build knowledge and detect files as potential viruses. This is done by
extracting system API calls made by various normal and harmful executable, and
using machine learning algorithms to classify and hence, rank files on a scale
of security risk. While such a system is processor heavy, it is very effective
when used centrally to protect an enterprise network which maybe more prone to
such threats.Comment: 6 page
Malware Detection Using Dynamic Analysis
In this research, we explore the field of dynamic analysis which has shown promis- ing results in the field of malware detection. Here, we extract dynamic software birth- marks during malware execution and apply machine learning based detection tech- niques to the resulting feature set. Specifically, we consider Hidden Markov Models and Profile Hidden Markov Models. To determine the effectiveness of this dynamic analysis approach, we compare our detection results to the results obtained by using static analysis. We show that in some cases, significantly stronger results can be obtained using our dynamic approach
- …