Relevant bibliographies by topics / Evasive malware

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Book chapters
  4. Conference papers

Academic literature on the topic 'Evasive malware'

Author: Grafiati
Published: 23 September 2022
Last updated: 28 September 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Evasive malware.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "Evasive malware"

1

Gruber, Jan, and Felix Freiling. "Fighting Evasive Malware." Datenschutz und Datensicherheit - DuD 46, no. 5 (May 2022): 284–90. http://dx.doi.org/10.1007/s11623-022-1604-9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Egitmen, Alper, Irfan Bulut, R. Can Aygun, A. Bilge Gunduz, Omer Seyrekbasan, and A. Gokhan Yavuz. "Combat Mobile Evasive Malware via Skip-Gram-Based Malware Detection." Security and Communication Networks 2020 (April 20, 2020): 1–10. http://dx.doi.org/10.1155/2020/6726147.

Full text
Abstract:
Android malware detection is an important research topic in the security area. There are a variety of existing malware detection models based on static and dynamic malware analysis. However, most of these models are not very successful when it comes to evasive malware detection. In this study, we aimed to create a malware detection model based on a natural language model called skip-gram to detect evasive malware with the highest accuracy rate possible. In order to train and test our proposed model, we used an up-to-date malware dataset called Argus Android Malware Dataset (AMD) since the AMD contains various evasive malware families and detailed information about them. Meanwhile, for the benign samples, we used Comodo Android Benign Dataset. Our proposed model starts with extracting skip-gram-based features from instruction sequences of Android applications. Then it applies several machine learning algorithms to classify samples as benign or malware. We tested our proposed model with two different scenarios. In the first scenario, the random forest-based classifier performed with 95.64% detection accuracy on the entire dataset and 95% detection accuracy against evasive only samples. In the second scenario, we created a test dataset that contained zero-day malware samples only. For the training set, we did not use any sample that belongs to the malware families in the test set. The random forest-based model performed with 37.36% accuracy rate against zero-day malware. In addition, we compared our proposed model’s malware detection performance against several commercial antimalware applications using VirusTotal API. Our model outperformed 7 out of 10 antimalware applications and tied with one of them on the same test scenario.
APA, Harvard, Vancouver, ISO, and other styles
3

Vidyarthi, Deepti, S. P. Choudhary, Subrata Rakshit, and C. R. S. Kumar. "Malware Detection by Static Checking and Dynamic Analysis of Executables." International Journal of Information Security and Privacy 11, no. 3 (July 2017): 29–41. http://dx.doi.org/10.4018/ijisp.2017070103.

Full text
Abstract:
The advanced malware continue to be a challenge in digital world that signature-based detection techniques fail to conquer. The malware use many anti-detection techniques to mutate. Thus no virus scanner can claim complete malware detection even for known malware. Static and dynamic analysis techniques focus upon different kinds of malware such as Evasive or Metamorphic malware. This paper proposes a comprehensive approach that combines static checking and dynamic analysis for malware detection. Static analysis is used to check the specific code characteristics. Dynamic analysis is used to analyze the runtime behavior of malware. The authors propose a framework for the automated analysis of an executable's behavior using text mining. Text mining of dynamic attributes identifies the important features for classifying the executable as benign and malware. The synergistic combination proposed in this paper allows detection of not only known variants of malware but even the obfuscated, packed and unknown malware variants and malware evasive to dynamic analysis.
APA, Harvard, Vancouver, ISO, and other styles
4

Krishna, T. Shiva Rama. "Malware Detection using Deep Learning." International Journal for Research in Applied Science and Engineering Technology 9, no. VI (June 20, 2021): 1847–53. http://dx.doi.org/10.22214/ijraset.2021.35426.

Full text
Abstract:
Malicious software or malware continues to pose a major security concern in this digital age as computer users, corporations, and governments witness an exponential growth in malware attacks. Current malware detection solutions adopt Static and Dynamic analysis of malware signatures and behaviour patterns that are time consuming and ineffective in identifying unknown malwares. Recent malwares use polymorphic, metamorphic and other evasive techniques to change the malware behaviour’s quickly and to generate large number of malwares. Since new malwares are predominantly variants of existing malwares, machine learning algorithms are being employed recently to conduct an effective malware analysis. This requires extensive feature engineering, feature learning and feature representation. By using the advanced MLAs such as deep learning, the feature engineering phase can be completely avoided. Though some recent research studies exist in this direction, the performance of the algorithms is biased with the training data. There is a need to mitigate bias and evaluate these methods independently in order to arrive at new enhanced methods for effective zero-day malware detection. To fill the gap in literature, this work evaluates classical MLAs and deep learning architectures for malware detection, classification and categorization with both public and private datasets. The train and test splits of public and private datasets used in the experimental analysis are disjoint to each other’s and collected in different timescales. In addition, we propose a novel image processing technique with optimal parameters for MLAs and deep learning architectures. A comprehensive experimental evaluation of these methods indicate that deep learning architectures outperform classical MLAs. Overall, this work proposes an effective visual detection of malware using a scalable and hybrid deep learning framework for real-time deployments. The visualization and deep learning architectures for static, dynamic and image processing-based hybrid approach in a big data environment is a new enhanced method for effective zero-day malware detection.
APA, Harvard, Vancouver, ISO, and other styles
5

D'Elia, Daniele Cono, Emilio Coppa, Federico Palmaro, and Lorenzo Cavallaro. "On the Dissection of Evasive Malware." IEEE Transactions on Information Forensics and Security 15 (2020): 2750–65. http://dx.doi.org/10.1109/tifs.2020.2976559.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Cara, Fabrizio, Michele Scalas, Giorgio Giacinto, and Davide Maiorca. "On the Feasibility of Adversarial Sample Creation Using the Android System API." Information 11, no. 9 (September 10, 2020): 433. http://dx.doi.org/10.3390/info11090433.

Full text
Abstract:
Due to its popularity, the Android operating system is a critical target for malware attacks. Multiple security efforts have been made on the design of malware detection systems to identify potentially harmful applications. In this sense, machine learning-based systems, leveraging both static and dynamic analysis, have been increasingly adopted to discriminate between legitimate and malicious samples due to their capability of identifying novel variants of malware samples. At the same time, attackers have been developing several techniques to evade such systems, such as the generation of evasive apps, i.e., carefully-perturbed samples that can be classified as legitimate by the classifiers. Previous work has shown the vulnerability of detection systems to evasion attacks, including those designed for Android malware detection. However, most works neglected to bring the evasive attacks onto the so-called problem space, i.e., by generating concrete Android adversarial samples, which requires preserving the app’s semantics and being realistic for human expert analysis. In this work, we aim to understand the feasibility of generating adversarial samples specifically through the injection of system API calls, which are typical discriminating characteristics for malware detectors. We perform our analysis on a state-of-the-art ransomware detector that employs the occurrence of system API calls as features of its machine learning algorithm. In particular, we discuss the constraints that are necessary to generate real samples, and we use techniques inherited from interpretability to assess the impact of specific API calls to evasion. We assess the vulnerability of such a detector against mimicry and random noise attacks. Finally, we propose a basic implementation to generate concrete and working adversarial samples. The attained results suggest that injecting system API calls could be a viable strategy for attackers to generate concrete adversarial samples. However, we point out the low suitability of mimicry attacks and the necessity to build more sophisticated evasion attacks.
APA, Harvard, Vancouver, ISO, and other styles
7

Mills, Alan, and Phil Legg. "Investigating Anti-Evasion Malware Triggers Using Automated Sandbox Reconfiguration Techniques." Journal of Cybersecurity and Privacy 1, no. 1 (November 20, 2020): 19–39. http://dx.doi.org/10.3390/jcp1010003.

Full text
Abstract:
Malware analysis is fundamental for defending against prevalent cyber security threats and requires a means to deploy and study behavioural software traits as more sophisticated malware is developed. Traditionally, virtual machines are used to provide an environment that is isolated from production systems so as to not cause any adverse impact on existing infrastructure. Malware developers are fully aware of this and so will often develop evasion techniques to avoid detection within sandbox environments. In this paper, we conduct an investigation of anti-evasion malware triggers for uncovering malware that may attempt to conceal itself when deployed in a traditional sandbox environment. To facilitate our investigation, we developed a tool called MORRIGU that couples together both automated and human-driven analysis for systematic testing of anti-evasion methods using dynamic sandbox reconfiguration techniques. This is further supported by visualisation methods for performing comparative analysis of system activity when malware is deployed under different sandbox configurations. Our study reveals a variety of anti-evasion traits that are shared amongst different malware families, such as sandbox “wear-and-tear”, and Reverse Turing Tests (RTT), as well as more sophisticated malware samples that require multiple anti-evasion checks to be deployed. We also perform a comparative study using Cuckoo sandbox to demonstrate the limitations of adopting only automated analysis tools, to justify the exploratory analysis provided by MORRIGU. By adopting a clearer systematic process for uncovering anti-evasion malware triggers, as supported by tools like MORRIGU, this study helps to further the research of evasive malware analysis so that we can better defend against such future attacks.
APA, Harvard, Vancouver, ISO, and other styles
8

Ilić, Slaviša, Milan Gnjatović, Brankica Popović, and Nemanja Maček. "A pilot comparative analysis of the Cuckoo and Drakvuf sandboxes: An end-user perspective." Vojnotehnicki glasnik 70, no. 2 (2022): 372–92. http://dx.doi.org/10.5937/vojtehg70-36196.

Full text
Abstract:
Introduction/purpose: This paper reports on a pilot comparative analysis of the Cuckoo and Drakvuf sandboxes. These sandboxes are selected as the subjects of the analysis because of their popularity in the professional community and their complementary approaches to analyzing malware behavior. Methods: Both sandboxes were set up with basic configurations and confronted with the same set of malware samples. The evaluation was primarily conducted with respect to the question of to what extent a sandbox is helpful to the human analyst in malware analysis. Thus, only the information available in Web console reports was considered. Results: Drakvuf is expected to perform better when confronted with evasive malware and so-called "file-less" malware. Although still not mature in terms of integration, customization and tools, this sandbox is considered a second generation sandbox because of its agentless design. On the other hand, the Cuckoo sandbox creates a better overall experience: it is supported through good documentation and strong professional community, better integrated with various tools, support more virtualization, operating system and sample types, and generates more informative reports. Even with a smaller capacity to prevent evasive malware, its Python 2 agent script makes it more powerful than Drakvuf. Conclusion: To achieve the optimal open-source sandbox-based protection, it is recommended to apply both the Cuckoo and Drakvuf sandboxes. In circumstances of limited resources, applying the Cuckoo sandbox is preferable, especially if exposure to malware deploying evading techniques is not frequently expected.
APA, Harvard, Vancouver, ISO, and other styles
9

Djufri, Faiz Iman, and Charles Lim. "Revealing and Sharing Malware Profile Using Malware Threat Intelligence Platform." ACMIT Proceedings 6, no. 1 (July 6, 2021): 72–82. http://dx.doi.org/10.33555/acmit.v6i1.100.

Full text
Abstract:
Cyber Security is an interchange between attackers and defenders, a non-static balancing force. The increasing trend of novel security threats and security incidents, which does not seem to be stopping, prompts the need to add another line of security defences. This is because the risk management and risk detection has become virtually impossible due to the limited access towards user data and the variations of modern threat taxonomies. The traditional strategy of self-discovery and signature detection which has a static nature is now obsolete in facing threats of the new generation with a dynamic nature; threats which are resilient, complex, and evasive. Therefore, this thesis discusses the use of MISP and The Triad Investigation approach to share the Indicator of Compromise on Cyber Intelligence Sharing Platform to be able to address the newt threats.
APA, Harvard, Vancouver, ISO, and other styles
10

Kawakoya, Yuhei, Eitaro Shioji, Makoto Iwamura, and Jun Miyoshi. "API Chaser: Taint-Assisted Sandbox for Evasive Malware Analysis." Journal of Information Processing 27 (2019): 297–314. http://dx.doi.org/10.2197/ipsjjip.27.297.

Full text
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "Evasive malware"

1

Nisi, Dario. "Unveiling and mitigating common pitfalls in malware analysis." Electronic Thesis or Diss., Sorbonne université, 2021. http://www.theses.fr/2021SORUS528.

Full text
Abstract:
L'importance des systèmes informatiques dans les sociétés modernes ne cesse de croître, tout comme les dommages causés par les logiciels malveillants. L'industrie de la sécurité et les auteurs de logiciels malveillants se sont engagés dans une course aux armements, dans laquelle les premiers créent de meilleurs systèmes de détection tandis que les seconds tentent de les contourner. En fait, toute hypothèse erronée (aussi subtile soit-elle) dans la conception d'un outil anti-malware peut créer de nouvelles voies pour échapper à la détection. Cette thèse se concentre sur deux aspects souvent négligés des techniques modernes d'analyse des logiciels malveillants : l'utilisation d'informations au niveau de l'API pour coder le comportement malveillant et la réimplémentation des routines d'analyse des formats de fichiers exécutables dans les outils orientés sécurité. Nous montrons qu'il est possible de tirer parti de ces pratiques à grande échelle et de manière automatisée. En outre, nous étudions la possibilité de résoudre ces problèmes à la racine, en mesurant les difficultés que les architectes anti-malware peuvent rencontrer et en proposant des stratégies pour les résoudre
As the importance of computer systems in modern-day societies grows, so does the damage that malicious software causes. The security industry and malware authors engaged in an arms race, in which the first creates better detection systems while the second try to evade them. In fact, any wrong assumption (no matter how subtle) in the design of an anti-malware tool may create new avenues for evading detection. This thesis focuses on two often overlooked aspects of modern malware analysis techniques: the use of API-level information to encode malicious behavior and the reimplementation of parsing routines for executable file formats in security-oriented tools. We show that taking advantage of these practices is possible on a large and automated scale. Moreover, we study the feasibility of fixing these problems at their roots, measuring the difficulties that anti-malware architects may encounter and providing strategies to solve them
APA, Harvard, Vancouver, ISO, and other styles
2

Lu, Gen. "Analysis of Evasion Techniques in Web-based Malware." Diss., The University of Arizona, 2013. http://hdl.handle.net/10150/312567.

Full text
Abstract:
Web-based mechanisms, often mediated by malicious JavaScript code, play an important role in malware delivery today, making defenses against web-based malware crucial for system security. To make it even more challenging, malware authors often take advantage of various evasion techniques to evade detection. As a result, a constant arms race of evasion and detection techniques between malware authors and security analysts has led to advancement in code obfuscation and anti-analysis techniques. This dissertation focuses on the defenses against web-based malware protected by advanced evasion techniques from both defensive and offensive perspectives. From a defensive perspective, we examine existing evasion techniques and propose deobfuscation and detection approaches to defeating some popular techniques used by web-based malware today. In the case of code-unfolding based obfuscation, we use a semantics-based approach to simplify away obfuscations by identifying code that is relevant to the behavior of the original program. In the case of environment-dependent malware, we propose environmental predicate, which detects behavior discrepancy of JavaScript program between targeted browser and detector sandbox, therefore protecting users from possible detection false negatives caused by environmental triggers. From an offensive perspective, we analyze existing detection techniques to examining their assumptions and study how these assumptions can be broken. We also propose a combination of obfuscation and anti-analysis techniques, targeting these limitations, which can hide existing web-based malware from state-of-the-art detectors.
APA, Harvard, Vancouver, ISO, and other styles
3

Haffejee, Jameel. "An analysis of malware evasion techniques against modern AV engines." Thesis, Rhodes University, 2015. http://hdl.handle.net/10962/5821.

Full text
Abstract:
This research empirically tested the response of antivirus applications to binaries that use virus-like evasion techniques. In order to achieve this, a number of binaries are processed using a number of evasion methods and are then deployed against several antivirus engines. The research also documents the process of setting up an environment for testing antivirus engines, including building the evasion techniques used in the tests. The results of the empirical tests illustrate that an attacker can evade multiple antivirus engines without much effort using well-known evasion techniques. Furthermore, some antivirus engines may respond to the occurrence of an evasion technique instead of the presence of any malicious code. In practical terms, this shows that while antivirus applications are useful for protecting against known threats, their effectiveness against unknown or modified threats is limited.
APA, Harvard, Vancouver, ISO, and other styles
4

Sidor, Samuel. "Vylepšený sandboxing pro pokročilé kmeny malwaru." Master's thesis, Vysoké učení technické v Brně. Fakulta elektrotechniky a komunikačních technologií, 2021. http://www.nusl.cz/ntk/nusl-442403.

Full text
Abstract:
This Master’s thesis describes reverse engineering with focus on malware analysis. Reader will be informed about theoretical description of static and dynamic analysis. These techniques are later used on analysis of 5 malware families with focus on detection of used anti-sandbox techniques. After that new theoretical improvements are proposed with detection of anti-sandbox techniques or fully avoiding such anti-sandbox evasion techniques. Finally these changes are implemented on main sandbox of Avast Software from which reader can see how effective these improvements are.
APA, Harvard, Vancouver, ISO, and other styles
5

Li, Hao, and 李昊. "Guided Execution Path Exploration for Evasive Malware Analysis." Thesis, 2018. http://ndltd.ncl.edu.tw/handle/s63mm6.

Full text
Abstract:
碩士
國立交通大學
資訊科學與工程研究所
106
In recent years, malware has become a severe problem on the Internet. Modern malware is often equipped with evasion techniques to prevent itself from being analyzed by sandbox-based analysis. To fight against evasive malware, analysts need to trigger the deliberately hidden malicious behaviors by execution path exploration. Nonetheless, currently the common methods for path exploration suffer from the path explosion problem and is hard to exhaust all paths. In this thesis, we proposed an approach to guiding the execution paths exploration toward the most suspicious execution paths in order to reach the hidden malicious behaviors in limited time. We learned the patterns of malicious behaviors and evasion techniques from malware in the wild and evasion techniques commonly used by malware authors. By analyzing the potential behaviors and the prerequisites of paths in the samples, our analysis systems can trigger the hidden behaviors faster to enable the analysts to process evasive malware samples. As indicated in the experiments, our approach can discover the hidden behaviors faster with fewer paths explored where time consumption of the analysis is reduced to 89%.
APA, Harvard, Vancouver, ISO, and other styles
6

Chen, Ting-Wen, and 陳鼎文. "Automatic Sourcing for Symbolic Execution in Evasive Malware Analysis." Thesis, 2016. http://ndltd.ncl.edu.tw/handle/66689369422897880085.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Zhang, Nian-Zu, and 張念祖. "A Study on Evasion Techniques of Anti-Analysis Malware by Examples." Thesis, 2015. http://ndltd.ncl.edu.tw/handle/sa6mw9.

Full text
Abstract:
碩士
健行科技大學
資訊工程系碩士班
103
There are a large number of unknown malware sample recently. However, computer technology has not been developed in the past decade. It was told that quantity does not equal quality. But the quality of malware is improving with time. All kinds of anti-analysis technology is to conflict with information security personnel. Actually, samples analyze by manual analysis is inefficient. Besides, there have Anti-Analysis technology to disturb analysts, Because of that, there is an Automated Malware Analysis System to against them(Hereinafter referred to as SandBox). It not only have a environment that can be controlled and have monitor and collect sample modules, but also have static analysis, and the most important modules that can trigger samples. This system improve the efficiency of the analyzed sample and this is the best way to analyze sample until now. “While the priest climbs a post, the devil climbs ten”, malware developer start to develop Anti-SandBox technology. It will stop doing malicious behavior as soon as it detect there is a SandBox .Of course, SandBox can not detect suspicious information. This paper aims to study Anti-Sanbox or Anti-VM mechanism try to use existing SandBox technology for analysing malware, and find how the malware can avoide SandBox caught and identifying current running on what kind of SandBox software Finally, the experiment will out of into a single software technology, provding the user free with this technology for investigating SandBox environment.
APA, Harvard, Vancouver, ISO, and other styles
8

Ersan, Erkan. "On the (in)security of behavioral-based dynamic anti-malware techniques." Thesis, 2017. http://hdl.handle.net/1828/7935.

Full text
Abstract:
The Internet has become the primary vector for the delivery of malicious code in cyber attacks, and malware has rapidly become a pervasive critical threat. Anti- malware products offer effective protection from malware threats for servers and endpoint devices using a variety of techniques. Advanced enterprise-level anti-malware products rely on state-of-art behavioral-based detection algorithms, in addition to traditional signature-based mechanisms. These dynamic detection techniques have been around for more than a decade and in response hackers have developed methods to evade them. However, currently known bypass methods require intensive manual labor. Moreover, this manual work has to be repeated whenever a parameter of the environment (such as the payload, operating system, Antivirus version, etc) changes, making these methods impractical. This may lead to the belief that dynamic techniques provide a good deterrence, and hence good protection. In this thesis we evaluate dynamic techniques. Specifically, we build tools to implement generic unhooking and funneling, and using these tools we show how dynamic techniques can be bypassed with considerably less effort than by fully manual methods. We also extend the repertoire of existing bypass methods and introduce a new malicious function call technique which exploits detection techniques that monitor a limited collection of critical system functions, as well as a method for bypassing guard-page protections. We demonstrate the effectiveness of all our techniques by conducting attacks against two enterprise antivirus products. Our results lead us to conclude that that dynamic techniques do not provide sufficient protection.
Graduate
2018-02-07
0984
erkanersan@gmail.com
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "Evasive malware"

1

Tanabe, Rui, Wataru Ueno, Kou Ishii, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama, Daisuke Inoue, and Christian Rossow. "Evasive Malware via Identifier Implanting." In Detection of Intrusions and Malware, and Vulnerability Assessment, 162–84. Cham: Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-319-93411-2_8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Hăjmăşan, Gheorghe, Alexandra Mondoc, Radu Portase, and Octavian Creţ. "Evasive Malware Detection Using Groups of Processes." In ICT Systems Security and Privacy Protection, 32–45. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-58469-0_3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Kang, Min Gyung, Juan Caballero, and Dawn Song. "Distributed Evasive Scan Techniques and Countermeasures." In Detection of Intrusions and Malware, and Vulnerability Assessment, 157–74. Berlin, Heidelberg: Springer Berlin Heidelberg, 2007. http://dx.doi.org/10.1007/978-3-540-73614-1_10.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Mohanta, Abhijit, and Anoop Saldanha. "Armoring and Evasion: The Anti-Techniques." In Malware Analysis and Detection Engineering, 691–720. Berkeley, CA: Apress, 2020. http://dx.doi.org/10.1007/978-1-4842-6193-4_19.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Royo, Álvaro Arribas, Manuel Sánchez Rubio, Walter Fuertes, Mauro Callejas Cuervo, Carlos Andrés Estrada, and Theofilos Toulkeridis. "Malware Security Evasion Techniques: An Original Keylogger Implementation." In Advances in Intelligent Systems and Computing, 375–84. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-72657-7_36.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Leguesse, Yonas, Mark Vella, and Joshua Ellul. "AndroNeo: Hardening Android Malware Sandboxes by Predicting Evasion Heuristics." In Information Security Theory and Practice, 140–52. Cham: Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-319-93524-9_9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Biondi, Fabrizio, Thomas Given-Wilson, Axel Legay, Cassius Puodzius, and Jean Quilbeuf. "Tutorial: An Overview of Malware Detection and Evasion Techniques." In Leveraging Applications of Formal Methods, Verification and Validation. Modeling, 565–86. Cham: Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-030-03418-4_34.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Yamamoto, Risa, and Mamoru Mimura. "On the Possibility of Evasion Attacks with Macro Malware." In Advances in Intelligent Systems and Computing, 43–59. Singapore: Springer Singapore, 2021. http://dx.doi.org/10.1007/978-981-16-5301-8_4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Yokoyama, Akira, Kou Ishii, Rui Tanabe, Yinmin Papa, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama, et al. "SandPrint: Fingerprinting Malware Sandboxes to Provide Intelligence for Sandbox Evasion." In Research in Attacks, Intrusions, and Defenses, 165–87. Cham: Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-45719-2_8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Chen, Lingwei, Shifu Hou, Yanfang Ye, and Lifei Chen. "An Adversarial Machine Learning Model Against Android Malware Evasion Attacks." In Web and Big Data, 43–55. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-69781-9_5.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "Evasive malware"

1

Borders, K., Xin Zhao, and A. Prakash. "Siren: catching evasive malware." In 2006 IEEE Symposium on Security and Privacy. IEEE, 2006. http://dx.doi.org/10.1109/sp.2006.37.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Botacin, Marcus, Vitor Falcão da Rocha, Paulo Lício de Geus, and André Grégio. "Analysis, Anti-Analysis, Anti-Anti-Analysis: An Overview of the Evasive Malware Scenario." In Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais. Sociedade Brasileira de Computação - SBC, 2017. http://dx.doi.org/10.5753/sbseg.2017.19504.

Full text
Abstract:
Malicious programs are persistent threats to computer systems, and their damages extend from financial losses to critical infrastructure attacks. Malware analysis aims to provide useful information to be used for forensic procedures and countermeasures development. To thwart that, attackers make use of anti-analysis techniques that prevent or difficult their malware from being analyzed. These techniques rely on instruction side-effects and that system's structure checks are inspection-aware. Thus, detecting evasion attempts is an important step of any successful investigative procedure. In this paper, we present a broad overview of what anti-analysis techniques are being used in malware and how they work, as well as their detection counterparts, i.e., the anti-anti-analysis techniques that may be used by forensic investigators to defeat evasive malware. We also evaluated over one hundred thousand samples in the search of the presence of anti-analysis technique and summarized the obtained information to present an evasion-aware malware threat scenario.
APA, Harvard, Vancouver, ISO, and other styles
3

Zhang, Jialong, Zhongshu Gu, Jiyong Jang, Dhilung Kirat, Marc Stoecklin, Xiaokui Shu, and Heqing Huang. "Scarecrow: Deactivating Evasive Malware via Its Own Evasive Logic." In 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 2020. http://dx.doi.org/10.1109/dsn48063.2020.00027.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Nicho, Mathew, and Maitha Alkhateri. "Modeling Evasive Malware Authoring Techniques." In 2021 5th Cyber Security in Networking Conference (CSNet). IEEE, 2021. http://dx.doi.org/10.1109/csnet52717.2021.9614645.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Koutsokostas, Vasilios, and Constantinos Patsakis. "Python and Malware: Developing Stealth and Evasive Malware without Obfuscation." In 18th International Conference on Security and Cryptography. SCITEPRESS - Science and Technology Publications, 2021. http://dx.doi.org/10.5220/0010541501250136.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Koutsokostas, Vasilios, and Constantinos Patsakis. "Python and Malware: Developing Stealth and Evasive Malware without Obfuscation." In 18th International Conference on Security and Cryptography. SCITEPRESS - Science and Technology Publications, 2021. http://dx.doi.org/10.5220/0010541500002998.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Afreen, Asad, Moosa Aslam, and Saad Ahmed. "Analysis of Fileless Malware and its Evasive Behavior." In 2020 International Conference on Cyber Warfare and Security (ICCWS). IEEE, 2020. http://dx.doi.org/10.1109/iccws48432.2020.9292376.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Lim, Charles, and Nicsen. "Mal-EVE: Static detection model for evasive malware." In 2015 10th International Conference on Communications and Networking in China (ChinaCom). IEEE, 2015. http://dx.doi.org/10.1109/chinacom.2015.7497952.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Liu, Tao, and Wujie Wen. "Deep-evasion: Turn deep neural network into evasive self-contained cyber-physical malware." In WiSec '19: 12th ACM Conference on Security and Privacy in Wireless and Mobile Networks. New York, NY, USA: ACM, 2019. http://dx.doi.org/10.1145/3317549.3326311.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Liu, Lang, Yacong Gu, Qi Li, and Purui Su. "RealDroid: Large-Scale Evasive Malware Detection on "Real Devices"." In 2017 26th International Conference on Computer Communication and Networks (ICCCN). IEEE, 2017. http://dx.doi.org/10.1109/icccn.2017.8038419.

Full text
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'Evasive malware' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography