Sciweavers

USENIX
2007

Dynamic Spyware Analysis

14 years 1 months ago
Dynamic Spyware Analysis
Spyware is a class of malicious code that is surreptitiously installed on victims’ machines. Once active, it silently monitors the behavior of users, records their web surfing habits, and steals their passwords. Current anti-spyware tools operate in a way similar to traditional virus scanners. That is, they check unknown programs against signatures associated with known spyware instances. Unfortunately, these techniques cannot identify novel spyware, require frequent updates to signature databases, and are easy to evade by code obfuscation. In this paper, we present a novel dynamic analysis approach that precisely tracks the flow of sensitive information as it is processed by the web browser and any loaded browser helper objects. Using the results of our analysis, we can identify unknown components as spyware and provide comprehensive reports on their behavior. The techniques presented in this paper address limitations of our previous work on spyware detection and significantly i...
Manuel Egele, Christopher Kruegel, Engin Kirda, He
Added 02 Oct 2010
Updated 02 Oct 2010
Type Conference
Year 2007
Where USENIX
Authors Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, Dawn Xiaodong Song
Comments (0)