Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IPCCC
2007
IEEE
2007
IEEE
SpyCon: Emulating User Activities to Detect Evasive Spyware
The success of any spyware is determined by its ability to evade detection. Although traditional detection methodologies employing signature and anomaly based systems have had reasonable success, new class of spyware programs emerge which blend in with user activities to avoid detection. One of the latest antispyware technologies consists of a local agent that generates honeytokens of known parameters (e.g., network access requests) and tricks spyware into assuming it to be legitimate activity. In this paper, as a first step, we address the deficiencies of static honeytoken generation and present an attack that circumvents such detection techniques. We synthesize the attack by means of data mining algorithms like associative rule mining. Next, we present a randomized honeytoken generation mechanism to address this new class of spyware. Experimental results show that (i) static honeytokens are detected with near 100% accuracy, thereby defeating the state-of-the-art anti-spyware techniq...
Real-time Traffic| Added | 03 Jun 2010 |
| Updated | 03 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | IPCCC |
| Authors | Madhusudhanan Chandrasekaran, Vidyaraman Vidyaraman, Shambhu J. Upadhyaya |
Comments (0)
Researcher Info
|
