Title: Hybrid Analysis Technique to detect Advanced Persistent Threats
Abstract:
Advanced persistent threats (APTs) are major threats in the field of system and network security. They are extremely stealthy and use advanced evasion techniques such as packing and behaviour obfuscation to hide their malicious behaviour and evade detection. Existing behaviour-based detection techniques fail to detect APTs because of their persistence mechanisms and sophisticated code. Hence, a novel hybrid analysis technique using a behaviour-based sandboxing approach is proposed. The proposed technique consists of four phases: static, dynamic, memory and system state analysis. Initially, static analysis is performed on the sample, which involves packer detection and signature verification. If the sample is found to be stealthy and remains undetected, it is executed inside a sandbox environment to analyse its behaviour. Further, memory analysis is performed to extract memory artefacts of the current system state. Finally, system state analysis is performed by correlating the clean system state with the infected system state to determine whether the system is compromised.
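The following is an added illustration of two of the four phases named in the abstract, the static phase (signature verification plus an entropy-based packer heuristic) and the system state phase (correlating a clean snapshot with a post-execution snapshot). It is not the authors' code and is not taken from the paper: the 7.0 bits/byte packer threshold, the SHA-256 blocklist, the snapshot classes (processes, autoruns, files) and all sample bytes and snapshot entries are assumptions constructed inline so the script runs offline.

```python
"""Simplified hybrid triage pipeline (added example, not the paper's code).

Static phase: hash-based signature lookup, then a Shannon-entropy packer
heuristic. System-state phase: diff a clean host snapshot against the snapshot
taken after the sample ran in the sandbox. All inputs below are constructed.
"""
import hashlib
import math

PACKED_ENTROPY_THRESHOLD = 7.0  # bits/byte; assumed cut-off for packed/encrypted sections

# Constructed signature set: SHA-256 of sample content -> detection name.
KNOWN_BAD_SHA256 = {
    hashlib.sha256(b"EVIL-SAMPLE-PLACEHOLDER").hexdigest(): "Test.Signature.A",
}


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (8.0 for a uniform byte distribution)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def static_phase(sample: bytes) -> dict:
    """Phase 1: signature verification followed by packer detection."""
    digest = hashlib.sha256(sample).hexdigest()
    signature = KNOWN_BAD_SHA256.get(digest)
    entropy = shannon_entropy(sample)
    return {
        "sha256": digest,
        "signature": signature,
        "entropy": round(entropy, 2),
        "likely_packed": entropy >= PACKED_ENTROPY_THRESHOLD,
        # No signature hit means the sample is still undetected and must go on
        # to the sandbox, memory and system-state phases.
        "needs_dynamic": signature is None,
    }


def system_state_diff(clean: dict, infected: dict) -> dict:
    """Phase 4: correlate clean and infected snapshots.

    Each snapshot maps an artefact class (processes, autoruns, files, ...) to
    {identifier: value}. Added, modified and removed identifiers are reported
    per class; classes with no change are omitted.
    """
    report = {}
    for cls in sorted(set(clean) | set(infected)):
        before, after = clean.get(cls, {}), infected.get(cls, {})
        added = sorted(k for k in after if k not in before)
        modified = sorted(k for k in after if k in before and after[k] != before[k])
        removed = sorted(k for k in before if k not in after)
        if added or modified or removed:
            report[cls] = {"added": added, "modified": modified, "removed": removed}
    return report


def is_compromised(diff: dict, persistence_classes=("autoruns", "services", "scheduled_tasks")) -> bool:
    """Flag the host when a persistence-bearing artefact class gained or changed entries."""
    return any(
        diff.get(cls, {}).get("added") or diff.get(cls, {}).get("modified")
        for cls in persistence_classes
    )


# --- Constructed inputs (not real samples or hosts) -------------------------
PLAIN_SAMPLE = b"MZ" + b"This program cannot be run in DOS mode." * 20
PACKED_SAMPLE = b"MZ" + bytes(range(256)) * 16  # uniform bytes stand in for a packed section
KNOWN_SAMPLE = b"EVIL-SAMPLE-PLACEHOLDER"

_ONEDRIVE = r"C:\Users\u\AppData\Local\Microsoft\OneDrive\OneDrive.exe"
_HOSTS = r"C:\Windows\System32\drivers\etc\hosts"
CLEAN_SNAPSHOT = {
    "processes": {"explorer.exe": r"C:\Windows\explorer.exe"},
    "autoruns": {"OneDrive": _ONEDRIVE},
    "files": {_HOSTS: "a1b2"},  # value = content hash of the file
}
INFECTED_SNAPSHOT = {
    "processes": {"explorer.exe": r"C:\Windows\explorer.exe",
                  "svch0st.exe": r"C:\Users\u\AppData\Roaming\svch0st.exe"},
    "autoruns": {"OneDrive": _ONEDRIVE,
                 "Updater": r"C:\Users\u\AppData\Roaming\svch0st.exe"},
    "files": {_HOSTS: "ffee"},
}

if __name__ == "__main__":
    for name, sample in (("plain", PLAIN_SAMPLE), ("packed", PACKED_SAMPLE), ("known", KNOWN_SAMPLE)):
        print(name, static_phase(sample))
    diff = system_state_diff(CLEAN_SNAPSHOT, INFECTED_SNAPSHOT)
    print(diff)
    print("compromised:", is_compromised(diff))
```

The entropy threshold is a triage heuristic only: a legitimately compressed resource section also scores near 8 bits/byte, so a "likely packed" verdict routes the sample to the sandbox rather than convicting it. The snapshot diff is what the abstract calls correlating clean and infected system state; in practice the snapshot classes would be populated from the sandbox host (process list, autorun keys, file hashes) before and after detonation.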
Year: 2018
DOI: 10.4018/IJIIT.2018040104
Venue: Periodicals
DocType: Journal
Volume: 14
Issue: 2
ISSN: 1548-3657
Keywords: Advanced Persistent Threats (APT), dynamic analysis, malware analysis, malware sandbox, memory analysis, static analysis, system state analysis
Field: Sandbox (computer security), Sandbox (software development), Data mining, Computer science, Network security, Static analysis, Memory analysis, Obfuscation, Embedded system
Citations: 0
PageRank: 0.34
References: 14

Authors: 3

Order   Name                       Citations/PageRank
1       S. Sibi Chakkaravarthy     133.70
2       V. Vaidehi                 10623.77
3       Rajesh, P.                 10.82