Detection of drive-by-download attack has gained a focus in security research since the attack has turned into the most popular and serious threat to web infrastructure. The attack exploits vulnerabilities in web browsers and their extensions for unnoticeably downloading malicious software. Often, the victim is sent through a long chain of redirection operations in order to take down the offending...
In today's software and systems environments, security frameworks and models are evolving exponentially. Many traditional host-based frameworks are currently available to detect cyber threats in Linux environment. But there have been many challenges in detecting rootkits that modify the Linux Operating System (OS) kernel to avoid detection. These limitations have led us to design a virtualization...
Malware sandboxes, widely used by antivirus companies, mobile application marketplaces, threat detection appliances, and security researchers, face the challenge of environment-aware malware that alters its behavior once it detects that it is being executed on an analysis environment. Recent efforts attempt to deal with this problem mostly by ensuring that well-known properties of analysis environments...
The main goal of this paper is analyzing the methods of code analysis and proposing the most appropriate methods of sample analysis, executing the process of analyzing the available online and offline analyzing tools and explore ways to prevent hiding malicious pieces of code into the source code. Another aim is to focus on what the obfuscation technique of source code has to offer. Obfuscation can...
Development and dissemination of malicious software requires the creation of new methods for their detection. Therefore we began to use proactive technologies that use the test program to detect the presence of certain symptoms, often occurring in malware. Dynamic analysis of the studied program launched for execution. There is a study of how the program interacts with the software environment that...
Malicious cloud computing activity can take many forms, including running unauthorized programs in a virtual environment. Detection of these malicious activities while preserving the privacy of the user is an important research challenge. Prior work has shown the potential viability of using cloud service billing metrics as a mechanism for proxy identification of malicious programs. Previously this...
Cloud Computing is the key technology of today's cyber world which provides online provisioning of resources on demand and pay per use basis. Malware attacks such as virus, worm and rootkits etc. are some threats to virtual machines (VMs) in cloud environment. In this paper, we present a system call analysis approach to detect malware attacks which maliciously affect the legitimate programs running...
Malware evaluation is a key factor in security. It is supposed to be safe and accurate. The contemporary malware is very sophisticated. Usually it uses complex distributed infrastructure, an investigation of which is a very challenging task. In the paper, the development of the testbeds toward malware and its infrastructure evaluation is presented. Based on the real-life experience with the subsequent...
Reverse engineering packed binaries remain a tedious challenge as code packing is continuously being used by malware to hinder detection and analysis. The problem of automatically unpacking binaries has previously been investigated. However, current generic unpackers either do not offer any dump of the unpacked binary at all or produces a set of memory dumps that each lack several structures that...
Automated file analysis is important in malware research for identifying malicious files in large collection of samples. This paper describes an automatic system that can classify a file as infected based on the dynamic behavior of the file observed inside a controlled monitored environment. Based on features revealed at runtime, we train a Support Vector Machine classifier that can be further used...
Honeypot is known as the most famous and widely deployed tool for collecting malwares on the Internet. Conventional honeypots lure attackers into them by simulating vulnerable applications, programs and services, and are able to collect malwares by monitoring malicious activities of attackers. While client honeypots visit websites linked to URLs which are previously provided by users and collect malwares...
Android platform implements permissions to guard sensitive information from untrusted apps. Android's permission system agreements an all-or-nothing choice when installing an app in smart phones. However, after permissions are approved by users at installation time, applications can use these permissions with no further restrictions to access personal information. Thus, contemporary years have perceived...
Virtual machine introspection plays an important role in the area of security. Most virtual machine introspection mechanisms either poll the VM state actively or intercept the VM execution passively. Unfortunately, the active introspection approach cannot acquire information in real time, while the information acquired by passive method is fragmented and is hard to build complete semantic views of...
The ever-growing malware threats in the cyber space calls for techniques that are more effective than widely deployed signature-based detection system. To counter large volumes of malware variants, machine learning techniques have been applied for automated malware classification. Despite these efforts have achieved a certain success, the accuracy and efficiency still remained inadequate to meet demand,...
Due to speedy nature of technology the demand of cloud security enhanced rapidly. In the crowd of IT proficiency the security issues of cloud turn to prime business concern. Having exposure VM in cloud is most crucial subject to discourse. Especially, attackers prime target is to explore exposure of VMs. Privileges from data sharing behavior of cloud, attacker compromised VM to deploy advance wide-reaching...
Virtualization is the main underlying technology for cloud computing. The popularity of cloud computing had expanded rapidly over the past few years. As any new technology advancement, cloud computing also has vulnerability possibilities and potential security risks. Therefore it is important to study and understand the underlying technologies in cloud computing and test any possible loophole that...
Automated analysis is useful in anti-malware research because it helps deal with large collections of samples and reduces the human effort. This paper describes an automated system that performs dynamic analysis by running new samples in a controlled environment and analyzing the operations they perform on the filesystem. These operations are used to train a Support Vector Machine classifier that...
Malware is an ever-increasing threat to personal, corporate, and government computing systems alike. Particularly in the corporate and government sectors, the attribution of malware—including the identification of the authorship of malware as well as potentially the malefactor responsible for an attack—is of growing interest. Such malware attribution is often enabled by the fact that malware authors...
Over the years cyber attacks have turned more sophisticated, directed and lethal. In the recent times attackers have found new means to bypass advanced and sophisticated methods like sandboxing. Sandboxes emulate and analyze behavior and network in an isolated environment. Forensic investigations are performed by combining static analysis with sandbox analysis. The limitation with sandboxing is simulating...
There is an increased trend in information insecurity, online fraud and social engineering activities today as a result of high dependence on the Internet and social networks for communication, advertisement of products and services, etc. Malwares are most times, deliberately programmed as worms to appear as flash messages, online games, gift awards and in many other attractive forms for the user...