45,786 research outputs found
History of malware
In past three decades almost everything has changed in the field of malware
and malware analysis. From malware created as proof of some security concept
and malware created for financial gain to malware created to sabotage
infrastructure. In this work we will focus on history and evolution of malware
and describe most important malwares.Comment: 11 pages, 8 figures describing history and evolution of PC malware
from first PC malware to Stuxnet, DoQu and Flame. This article has been
withdrawed due some errors in text and publication in the jurnal that asked
to withdraw article from other source
The Malware Analysis Body of Knowledge (MABOK)
The ability to forensically analyse malicious software (malware) is becoming an increasingly important discipline in the field of Digital Forensics. This is because malware is becoming stealthier, targeted, profit driven, managed by criminal organizations, harder to detect and much harder to analyse. Malware analysis requires a considerable skill set to delve deep into malware internals when it is designed specifically to detect and hinder such attempts. This paper presents a foundation for a Malware Analysis Body of Knowledge (MABOK) that is required to successfully forensically analyse malware. This body of knowledge has been the result of several years of research into malware dissection
Mal-Netminer: Malware Classification Approach based on Social Network Analysis of System Call Graph
As the security landscape evolves over time, where thousands of species of
malicious codes are seen every day, antivirus vendors strive to detect and
classify malware families for efficient and effective responses against malware
campaigns. To enrich this effort, and by capitalizing on ideas from the social
network analysis domain, we build a tool that can help classify malware
families using features driven from the graph structure of their system calls.
To achieve that, we first construct a system call graph that consists of system
calls found in the execution of the individual malware families. To explore
distinguishing features of various malware species, we study social network
properties as applied to the call graph, including the degree distribution,
degree centrality, average distance, clustering coefficient, network density,
and component ratio. We utilize features driven from those properties to build
a classifier for malware families. Our experimental results show that
influence-based graph metrics such as the degree centrality are effective for
classifying malware, whereas the general structural metrics of malware are less
effective for classifying malware. Our experiments demonstrate that the
proposed system performs well in detecting and classifying malware families
within each malware class with accuracy greater than 96%.Comment: Mathematical Problems in Engineering, Vol 201
Impact Analysis of Malware Based on Call Network API with Heuristic Detection Method
Malware is a program that has a negative influence on computer systems that don\u27t have user permissions. The purpose of making malware by hackers is to get profits in an illegal way. Therefore, we need a malware analysis. Malware analysis aims to determine the specifics of malware so that security can be built to protect computer devices. One method for analyzing malware is heuristic detection. Heuristic detection is an analytical method that allows finding new types of malware in a file or application. Many malwares are made to attack through the internet because of technological advancements. Based on these conditions, the malware analysis is carried out using the API call network with the heuristic detection method. This aims to identify the behavior of malware that attacks the network. The results of the analysis carried out are that most malware is spyware, which is lurking user activity and retrieving user data without the user\u27s knowledge. In addition, there is also malware that is adware, which displays advertisements through pop-up windows on computer devices that interfaces with user activity. So that with these results, it can also be identified actions that can be taken by the user to protect his computer device, such as by installing antivirus or antimalware, not downloading unauthorized applications and not accessing unsafe websites.
 
- …