API Chaser: Taint-Assisted Sandbox for Evasive Malware Analysis
نویسندگان
چکیده
منابع مشابه
Malware Similarity Analysis using API Sequence Alignments
Malware variants could be defined as malware that have similar malcious behavior. In this paper, a sequence alignment method, the method widely used in Bioinformatics, was used to detect malware variants. This method can find the common parts of Malware’s API call sequences, and these common API call sequences can be used to detect similar behaviors of malware variants. However, when a sequence...
متن کاملSiren: Catching Evasive Malware (Short Paper)
With the growing popularity of anomaly detection systems, which is due partly to the rise in zero-day attacks, a new class of threats have evolved where the attacker mimics legitimate activity to blend in and avoid detection. We propose a new system called Siren that injects crafted human input alongside legitimate user activity to thwart these mimicry attacks. The crafted input is specially de...
متن کاملBareCloud: Bare-metal Analysis-based Evasive Malware Detection
The volume and the sophistication of malware are continuously increasing and evolving. Automated dynamic malware analysis is a widely-adopted approach for detecting malicious software. However, many recent malware samples try to evade detection by identifying the presence of the analysis environment itself, and refraining from performing malicious actions. Because of the sophistication of the t...
متن کاملSandPrint: Fingerprinting Malware Sandboxes to Provide Intelligence for Sandbox Evasion
To cope with the ever-increasing volume of malware samples, automated program analysis techniques are inevitable. Malware sandboxes in particular have become the de facto standard to extract a program’s behavior. However, the strong need to automate program analysis also bears the risk that anyone that can submit programs to learn and leak the characteristics of a particular sandbox. We introdu...
متن کاملWhole-system Fine-grained Taint Analysis for Automatic Malware Detection and Analysis
As malware is becoming increasingly sophisticated and stealthy, effective techniques for malware detection and analysis are imperative. Previous detection mechanisms are insufficient. Signature-based detection cannot detect new malware, and watch-point based behavioral detection can be evaded by stealthier design. Most previous analysis mechanisms are too coarse-grained to capture malware behav...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Information Processing
سال: 2019
ISSN: 1882-6652
DOI: 10.2197/ipsjjip.27.297