Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
6884886 | Journal of Network and Computer Applications | 2018 | 26 Pages |
Abstract
The widespread adoption of the Internet of Things (IoT) in industrial systems has made malware propagation more voluminous and sophisticated. Detection and prevention of these malware threats rely on automated dynamic analysis techniques. Malware writers, on the other hand, are resorting to analysis evasion techniques that pose a great challenge for the malware research community. Various approaches, mostly based on virtual machines or emulators, have been proposed for the analysis of such evasions. However, the practicality of these approaches is still open to debate. This paper presents a malware analysis system capable of countering known malware evasion methods. A novel technique for detecting evasive malware behavior is presented, based on measuring the deviation from the normal behavior of a program or malware. Evaluations and analysis show that this approach is effective at detecting variations in malware behavior. Moreover, the countermeasures implemented by the Analysis Evasion Malware Sandbox (AEMS) are effective for detecting a large percentage of malware.
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Muzzamil Noor, Haider Abbas, Waleed Bin Shahid