Towards the Detection of Isolation-Aware Malware

Cited by: 10
Authors
Rodriguez, R. J. [1 ]
Rodriguez, I. [2 ]
Alonso, J. [3 ]
Affiliations
[1] Univ Zaragoza, Dept Comp Sci & Syst Engn, E-50009 Zaragoza, Spain
[2] MLW Re NPO, Palma De Mallorca, Spain
[3] Univ Leon, Res Inst Appl Sci Cybersecur, E-24071 Leon, Spain
Keywords
analysis-aware malware; binary analysis; dynamic binary instrumentation; VIRTUALIZATION; FRAMEWORK; TOOLS;
DOI
10.1109/TLA.2016.7437254
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
Malware analysis tools have evolved in the last years, providing tightly controlled sandbox and virtualised environments where malware is analysed while minimising potentially harmful consequences. Unfortunately, malware has advanced in parallel, and is currently able to recognise when it is running in sandbox or virtual environments and then behave as a non-harmful application or even not execute at all. This kind of malware is usually called analysis-aware malware. In this paper, we propose a tool to detect the evasion techniques used by analysis-aware malware within sandbox or virtualised environments. Our tool uses Dynamic Binary Instrumentation to maintain the binary functionality while executing arbitrary code. We evaluate the tool under a set of well-known analysis-aware malware, showing its current effectiveness. Finally, we discuss limitations of our proposal and future directions.
Pages: 1024 / 1036
Number of pages: 13
Related papers
50 in total
  • [1] An Isolation-aware Online Virtual Network Embedding via Deep Reinforcement Learning
    Gohar, Ali
    Rong, Chunming
    Lee, Sanghwan
    2023 IEEE/ACM 23RD INTERNATIONAL SYMPOSIUM ON CLUSTER, CLOUD AND INTERNET COMPUTING WORKSHOPS, CCGRIDW, 2023, : 89 - 95
  • [2] Semantics-aware malware detection
    Christodorescu, M
    Jha, S
    Seshia, SA
    Song, D
    Bryant, RE
    2005 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2005, : 32 - 46
  • [3] Towards stealthy malware detection
    Stolfo, Salvatore J.
    Wang, Ke
    Li, Wei-Jen
    MALWARE DETECTION, 2007, : 231 - +
  • [4] Optimal Functional Splitting, Placement and Routing for Isolation-Aware Network Slicing in NG-RAN
    Mushtaq, Maria
    Golkarifard, Morteza
    Shahriar, Nashid
    Boutaba, Raouf
    Saleh, Aladdin
    2023 19TH INTERNATIONAL CONFERENCE ON NETWORK AND SERVICE MANAGEMENT, CNSM, 2023,
  • [5] Malware-Aware Processors: A Framework for Efficient Online Malware Detection
    Ozsoy, Meltem
    Donovick, Caleb
    Gorelik, Iakov
    Abu-Ghazaleh, Nael
    Ponomarev, Dmitry
    2015 IEEE 21ST INTERNATIONAL SYMPOSIUM ON HIGH PERFORMANCE COMPUTER ARCHITECTURE (HPCA), 2015, : 651 - 661
  • [6] Isolation-Aware 5G RAN Slice Mapping Over WDM Metro-Aggregation Networks
    Yu, Hao
    Musumeci, Francesco
    Zhang, Jiawei
    Tornatore, Massimo
    Ji, Yuefeng
    JOURNAL OF LIGHTWAVE TECHNOLOGY, 2020, 38 (06) : 1125 - 1137
  • [7] A Fast Approach Towards Android Malware Detection
    Chi, Hongmei
    Simms, Xavier
    COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2015, PT I, 2015, 9155 : 77 - 89
  • [8] Poster: Towards Sustainable Android Malware Detection
    Cai, Haipeng
    Jenkins, John
    PROCEEDINGS 2018 IEEE/ACM 40TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING - COMPANION (ICSE-COMPANION, 2018, : 350 - 351
  • [9] Towards An Effective And Efficient Malware Detection System
    Chia Tien Dan Lo
    Pablo, Ordonez
    Carlos, Cepeda Mora
    2016 IEEE INTERNATIONAL CONFERENCE ON BIG DATA (BIG DATA), 2016, : 3648 - 3655
  • [10] Towards Explainable CNNs for Android Malware Detection
    Kinkead, Martin
    Millar, Stuart
    McLaughlin, Niall
    O'Kane, Philip
    12TH INTERNATIONAL CONFERENCE ON AMBIENT SYSTEMS, NETWORKS AND TECHNOLOGIES (ANT) / THE 4TH INTERNATIONAL CONFERENCE ON EMERGING DATA AND INDUSTRY 4.0 (EDI40) / AFFILIATED WORKSHOPS, 2021, 184 : 959 - 965