A Survey on Techniques in Detection and Analyzing Malware Executables
Abstract
Computer technology has become a necessity in our day-to-day life, supporting activities such as education, banking, communication, and entertainment. The security of computer systems is threatened by malware, which its writers use to accomplish their malicious intentions. Various solutions are available to detect these threats, such as AV scanners, intrusion detection systems, and firewalls. These malware detection solutions traditionally use signatures of malware to detect its presence in a system. However, these methods are also evaded through obfuscation techniques employed by malware authors. This survey paper highlights the existing detection and analysis methodologies used for such obfuscated malicious code.
Similar resources
Techniques in Detection and Analyzing Malware Executables: A Review
Today the computer field has gained a lot of importance in our day-to-day life, supporting many activities such as education and entertainment. System security is threatened by malicious software, which its authors use to fulfill their malicious intentions. Malicious software, known as malware, is one of the common problems faced by the internet today. The key to detect these threats are also availa...
Malware Analysis and Classification: A Survey
One of the major and serious threats on the Internet today is malicious software, often referred to as malware. The malware designed by attackers is polymorphic and metamorphic, with the ability to change its code as it propagates. Moreover, the diversity and volume of its variants severely undermine the effectiveness of traditional defenses which typically use signature bas...
Detecting Packed Executables Based on Raw Binary Data
Packing an executable originally referred to the compression of the file to reduce its size on disk. Nowadays, packing also introduces encryption and anti-debug techniques to protect executables from reverse engineering. This explains why packers are extensively used in creating new malware variants which are not detected by traditional signature-based anti-malware tools. Although universal unp...
PE-Probe: Leveraging Packer Detection and Structural Information to Detect Malicious Portable Executables
The number of executable malware samples and the sophistication of their destructive ability have exponentially increased in the past couple of years. Malware writers use sophisticated code obfuscation and encryption (a.k.a. packing) techniques to circumvent signatures – derived from the code of the malware for detection – stored in the signatures’ database of commercial off-the-shelf anti-virus software. I...
New Approach for Detecting Unknown Malicious Executables
Detection of malicious executables that are known beforehand is usually performed using signature-based techniques. These techniques typically rely on prior explicit knowledge of the malicious executable code, which in turn is represented by one or more signatures or rules that are stored in a database. The database is frequently updated with new signatures, based on new observations. Th...
Publication date: 2013