All-in-One Framework for Detection, Unpacking, and Verification for Malware Analysis
Co-authors
Choi, Mi-Jung
Kim, Hajin
Moon, Yang-Sae
Bang, Jiwon
Kim, Jongwook
Source
Security and Communication Networks
Issue
Vol. 2019, no. 2019 (31 December 2019), pp. 1-16, 16 p.
Publisher
Hindawi Publishing Corporation
Publication date
2019-10-13
Country of publication
Egypt
Number of pages
16
Main subjects
Information Technology and Computer Science
Abstract EN
Packing is the most common analysis avoidance technique for hiding malware.
Packing also makes it harder for security researchers to identify the behaviour of malware and increases the analysis time.
To analyze packed malware, we first need to unpack it.
In this paper, we focus on unpacking and its related technologies to analyze the packed malware.
Through extensive analysis of previous unpacking studies, we pay attention to four important drawbacks: no phase integration, no detection combination, no real-restoration, and no unpacking verification.
To resolve these four drawbacks, in this paper, we present an all-in-one structure of the unpacking system that performs packing detection, unpacking (i.e., restoration), and verification phases in an integrated framework.
For this, we first greatly increase the packing detection accuracy in the detection phase by combining four existing and new packing detection techniques.
We then improve the unpacking phase by using the state-of-the-art static and dynamic unpacking techniques.
We also present a verification algorithm evaluating the accuracy of unpacking results.
Experimental results show that the proposed all-in-one unpacking system performs all of the three phases well in an integrated framework.
In particular, the proposed hybrid detection method is superior to the existing methods, and the system performs unpacking very well, reaching up to 100% restoration accuracy for most of the files, except for a few packers.
American Psychological Association (APA) citation style
Choi, Mi-Jung & Bang, Jiwon & Kim, Jongwook & Kim, Hajin & Moon, Yang-Sae. 2019. All-in-One Framework for Detection, Unpacking, and Verification for Malware Analysis. Security and Communication Networks, Vol. 2019, no. 2019, pp. 1-16.
https://search.emarefa.net/detail/BIM-1210469
Modern Language Association (MLA) citation style
Choi, Mi-Jung…[et al.]. All-in-One Framework for Detection, Unpacking, and Verification for Malware Analysis. Security and Communication Networks No. 2019 (2019), pp.1-16.
https://search.emarefa.net/detail/BIM-1210469
American Medical Association (AMA) citation style
Choi, Mi-Jung & Bang, Jiwon & Kim, Jongwook & Kim, Hajin & Moon, Yang-Sae. All-in-One Framework for Detection, Unpacking, and Verification for Malware Analysis. Security and Communication Networks. 2019. Vol. 2019, no. 2019, pp. 1-16.
https://search.emarefa.net/detail/BIM-1210469
Data type
Articles
Text language
English
Notes
Includes bibliographical references
Record number
BIM-1210469