An Unknown Malware Detection Using Execution Registry Access

Cited by: 1
Authors
Kono, Kento [1]
Phomkeona, Sanouphab [1]
Okamura, Koji [1]
Affiliations
[1] Kyushu Univ, Grad Sch Informat Sci & Elect Engn, Fukuoka, Japan
Funding
Japan Science and Technology Agency;
Keywords
Malicious software; virus infection; malware detection; registry access; URSNIF;
DOI
10.1109/COMPSAC.2018.10281
Chinese Library Classification number
TP39 [Computer applications];
Discipline classification code
081203 ; 0835 ;
Abstract
Traditional antivirus software uses virus definitions to identify malware infection. In addition, antivirus software needs to update to the new virus definitions to guarantee its detection accuracy. However, because the number of malware variants and new types of malware is increasing, it is very difficult to detect and respond to them all. Moreover, there will be a serious incident if an unknown malware that does not correspond to the definition data is installed and spreads the infection without any notification. Therefore, in this paper we proposed a method to detect malware infection that focuses on registry accesses and malware execution processes on a Windows OS host PC. Using the URSNIF banking spyware in experiments, we calculated its high failure rate of registry accesses and checked for specific accesses to confirm the detection result.
Pages: 487 - 491
Number of pages: 5
Related papers
50 in total
  • [1] Unknown Malware Detection Using Network Traffic Classification
    Bekerman, Dmitri
    Shapira, Bracha
    Rokach, Lior
    Bar, Ariel
    [J]. 2015 IEEE CONFERENCE ON COMMUNICATIONS AND NETWORK SECURITY (CNS), 2015, : 134 - 142
  • [2] In-Execution Malware Detection using Task Structures of Linux Processes
    Shahzad, Farrukh
    Bhatti, Sohail
    Shahzad, Muhammad
    Farooq, Muddassar
    [J]. 2011 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC), 2011,
  • [3] Clustering Analysis for Malware Behavior Detection using Registry Data
    Rosli, Nur Adibah
    Mohamed, Warusia
    Faizal, M. A.
    Selamat, Siti Rahayu
    [J]. INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2019, 10 (12) : 93 - 102
  • [4] Unknown malware detection based on IRP
    Zhang, Fu-Yong
    Qi, De-Yu
    Hu, Jing-Lin
    [J]. Huanan Ligong Daxue Xuebao/Journal of South China University of Technology (Natural Science), 2011, 39 (04) : 15 - 20
  • [5] COLLECTIVE CLASSIFICATION FOR UNKNOWN MALWARE DETECTION
    Santos, Igor
    Laorden, Carlos
    Bringas, Pablo G.
    [J]. SECRYPT 2011: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2011, : 251 - 256
  • [6] Robust Detection Model for Portable Execution Malware
    Zheng, Wanjia
    Omote, Kazumasa
    [J]. IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC 2021), 2021,
  • [7] Symbolic execution based feature extraction for detection of malware
    Namani, Naveen
    Khan, Arindam
    [J]. PROCEEDINGS OF THE 2020 5TH INTERNATIONAL CONFERENCE ON COMPUTING, COMMUNICATION AND SECURITY (ICCCS-2020), 2020,
  • [8] Heterogeneous Graph Matching Networks for Unknown Malware Detection
    Wang, Shen
    Chen, Zhengzhang
    Yu, Xiao
    Li, Ding
    Ni, Jingchao
    Tang, Lu-An
    Gui, Jiaping
    Li, Zhichun
    Chen, Haifeng
    Yu, Philip S.
    [J]. PROCEEDINGS OF THE TWENTY-EIGHTH INTERNATIONAL JOINT CONFERENCE ON ARTIFICIAL INTELLIGENCE, 2019, : 3762 - 3770
  • [9] An unknown malware detection scheme based on the features of graph
    Zhao, Zongqu
    Wang, Junfeng
    Wang, Chonggang
    [J]. SECURITY AND COMMUNICATION NETWORKS, 2013, 6 (02) : 239 - 246
  • [10] Semi-supervised Learning for Unknown Malware Detection
    Santos, Igor
    Nieves, Javier
    Bringas, Pablo G.
    [J]. INTERNATIONAL SYMPOSIUM ON DISTRIBUTED COMPUTING AND ARTIFICIAL INTELLIGENCE, 2011, 91 : 415 - 422