Article title

Umysł kontra umysł - zagrożenia i metody walki ze złośliwym oprogramowaniem

Title variants
EN
Mind versus mind - malware threats and fighting techniques
Publication languages
PL
Abstracts
PL
The current state of knowledge on malware (malicious software) is presented. Definitions of malware and the motivation of the people who develop such software are given, followed by a classification of malware. The author's own, as complete as possible, life cycle of malicious software is presented. The next part is devoted to the techniques that malware authors use to hinder its detection and analysis, and then the ways of fighting malware are presented.
EN
The paper presents an up-to-date survey on malware. At the beginning, definitions are presented along with the motivation for developing such software and a malware classification. Further, the author's proposal of a possibly complete malware lifecycle is described. Next, the ways of making malware harder to detect and analyze are presented. Finally, the ways of fighting malware are discussed.
Pages
698--705
Physical description
Bibliography: 53 items, figures, tables.
Authors
  • Katedra Teleinformatyki, Wydział Elektroniki, Telekomunikacji i Informatyki, Politechnika Gdańska
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-9d37b118-e47a-49f1-b327-fbcbb4830df0