Malware Specimen


James M. Aquilina

  • Analysis of a Malware Specimen
    Malware Forensics Field Guide for Windows Systems, 2012
    Co-Authors: Cameron H. Malin, Eoghan Casey, James M. Aquilina
    Abstract:

    Through the file profiling method, tools, and techniques discussed in Chapter 5, forensic investigators can gain important insight into the dependencies, strings, antivirus signatures, and metadata associated with a suspect file and use this knowledge to learn more about the file. Building on that information, this chapter further explores the nature, purpose, and functionality of a suspect program by conducting a dynamic and static analysis of the binary. The chapter demonstrates the importance of using dynamic and static analysis to gain a better understanding of a malicious code specimen. It explains what an investigator should consider while analyzing a suspect program, including the nature and purpose of the program, how it accomplishes its purpose, how it interacts with the host system and network, how the attacker interacts with the program, and more. The chapter also covers how phylogenetic relationships between specimens can provide insight into their origin, composition, and development.

Cameron H. Malin

  • Analysis of a Malware Specimen
    Malware Forensics Field Guide for Windows Systems, 2012
    Co-Authors: Cameron H. Malin, Eoghan Casey, James M. Aquilina

Eoghan Casey

  • Analysis of a Malware Specimen
    Malware Forensics Field Guide for Windows Systems, 2012
    Co-Authors: Cameron H. Malin, Eoghan Casey, James M. Aquilina

Koji Nakao

  • SAINT - How to Locate a Target Binary Process and Its Derivatives in System Emulator
    2010 10th IEEE IPSJ International Symposium on Applications and the Internet, 2010
    Co-Authors: Hyung Chan Kim, Daisuke Inoue, Masashi Eto, Jungsuk Song, Koji Nakao
    Abstract:

    Many parties analyzing malware have deployed several types of dynamic binary analysis systems. In such systems, a given malware specimen is inserted and monitoring modules profile the behavior of the malware to compile analysis results. However, many malware samples generate derivative processes by creating child processes and/or injecting behavior into other processes. In this paper, we describe the architecture of an extended system emulator (Livex) to instrument sample malware processes in parallel. Livex is built upon the QEMU whole-system emulator. For a given target binary specimen, our system tries to probe its derivative processes and monitor them together with the main process. This paper includes experiments that examine the applicability of our method with synthetic programs as well as real malware specimens.

Sweeney, Alan Martin

  • Malware analysis and antivirus signature creation
    Letterkenny Institute of Technology, 2015
    Co-Authors: Sweeney, Alan Martin
    Abstract:

    The rapid advances in social media, educational tools and communications platforms available today have expanded the attack landscape through which malicious users can propagate their work and carry out damaging attacks. Attacks against desktop, mobile and cloud-based systems have seen a sharp increase in recent years owing to recent advanced malware creation techniques, and all the more worrying is the common misconception among end-users that anti-malware programs will safeguard against these threats. Progressive analysis of these malware specimens has prompted the security industry as a whole to take the matter more seriously, but currently it appears to be reacting to threats rather than proactively building defences against the next wave of attacks. Significant difficulties are faced by the security industry in this respect. On this basis, the following work evaluates and analyses a Windows malware specimen in a controlled virtual environment to determine its purpose and function using a combination of static and dynamic code analysis. Results show that obfuscation strategies employed by malware writers 'morph' viruses into forms which evade detection even by complex heuristic detection algorithms. It is recommended that the security process, including the policies, procedures and security awareness training programmes, be actively developed in the corporate context and that end-users in the domestic case take greater care with downloading