Title
Countering cyber threats for industrial applications: An automated approach for malware evasion detection and analysis.
Abstract
The widespread adoption of the Internet of Things (IoT) in industrial systems has made malware propagation more voluminous and sophisticated. Detection and prevention against these malware threats rely on automated dynamic analysis techniques. Malware writers, on the other hand, are resorting towards analysis evasion techniques that pose a great deal of challenge for the malware research community. Various approaches mostly based on virtual machines or emulators have been proposed for the analysis of such envisions. However, the practicality of these approaches is still an open debate. This paper presents a malware analysis system, capable of encountering known evasion methods of malware. A novel technique for detection of malware evasive behavior is presented, which is based on measuring the deviation from normal behavior of a program or malware. Evaluations and analysis show that this approach is effective against detecting the variations in malware behavior. Moreover, countermeasures implemented by the Analysis Evasion Malware Sandbox (AEMS) are effective for a large percentage of malware detection.
Year: 2018
DOI: 10.1016/j.jnca.2017.10.004
Venue: Journal of Network and Computer Applications
Keywords: Malware, Dormant functionality, Malware evasion detection, Analysis evasion malware sandbox, AEMS, Malware attribute enumeration
Field: Sandbox (computer security), Malware research, Cryptovirology, Virtual machine, Web threat, Computer security, Computer science, Cyber-collection, Malware, Malware analysis
DocType: Journal
Volume: 103
Issue: C
ISSN: 1084-8045
Citations: 2
PageRank: 0.35
References: 5
Authors: 3
Name                Order   Citations   PageRank
Muzzamil Noor       1       2           0.69
Haider Abbas        2       391         43.88
Waleed Bin Shahid   3       2           1.37