Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACNS
2009
Springer
2009
Springer
Malyzer: Defeating Anti-detection for Application-Level Malware Analysis
Abstract. Malware analysis is critical for malware detection and prevention. To defeat malware analysis and detection, today malware commonly adopts various sophisticated anti-detection techniques, such as performing debugger, emulator, and virtual machine fingerprinting, and camouflaging its traffic as normal legitimate traffic. These mechanisms produce more and more stealthy malware that greatly challenges existing malware analysis schemes. In this work, targeting application level stealthy malware, we propose Malyzer, the key of which is to defeat malware anti-detection mechanisms at startup and runtime so that malware behavior during execution can be accurately captured and distinguished. For analysis, Malyzer always starts a copy, referred to as a shadow process, of any suspicious process on the same host by defeating all startup anti-detection mechanisms employed in the process. To defeat internal runtime anti-detection attempts, Malyzer further makes this shadow process mutual...
Real-time Traffic| Added | 25 May 2010 |
| Updated | 25 May 2010 |
| Type | Conference |
| Year | 2009 |
| Where | ACNS |
| Authors | Lei Liu, Songqing Chen |
Comments (0)
Researcher Info
|
