Abstract | ||
---|---|---|
To solve the scalability problem introduced by the exponential growth of malware, numerous automated malware analysis techniques have been developed. Unfortunately, all of these approaches make previously unaddressed assumptions that manifest as weaknesses to the tenability of the automated malware analysis process. To highlight this concern, we developed two obfuscation techniques that make the successful execution of a malware sample dependent on the unique properties of the original host it infects. To reinforce the potential for malware authors to leverage this type of analysis resistance, we discuss the Flashback botnet's use of a similar technique to prevent the automated analysis of its samples. |
Year | Venue | Keywords |
---|---|---|
2012 | HotSec | original host,malware author,automated malware analysis process,exponential growth,environment-sensitive malware,analysis resistance,numerous automated malware analysis,obfuscation technique,flashback botnet,automated analysis,malware sample |
Field | DocType | Citations |
Cryptovirology,Computer security,Botnet,Computer science,Obfuscation,Malware,Cyber-collection,Malware analysis,Scalability | Conference | 9 |
PageRank | References | Authors |
0.57 | 14 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Chengyu Song | 1 | 412 | 30.15 |
Paul Royal | 2 | 414 | 29.86 |
Wenke Lee | 3 | 9351 | 628.83 |