The impact of malware evolution on the analysis methods and infrastructure
Krzysztof Cabaj, Piotr Gawkowski, Konrad Grochowski, Alexis Nowikowski, Piotr Żórawski
DOI: http://dx.doi.org/10.15439/2017F415
Citation: Proceedings of the 2017 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 11, pages 549–553 (2017)
Abstract. The huge amount of malware introduced each day demands methods and tools for its automated analysis. The complex and distributed infrastructure of malicious software and the new, sophisticated techniques used to obstruct analysis are discussed in the paper, based on real-life malware evolution observed over a long period. Their impact on both toolsets and methods is presented, based on the practical development of systems for malware analysis and of new features for existing tools.