Design and Analysis of a New Feature-Distributed Malware

Author

Byungho Min ; Varadharajan, Vijay

Author_Institution

Dept. of Comput., Macquarie Univ., Sydney, NSW, Australia

fYear

2014

fDate

24-26 Sept. 2014

Firstpage

457

Lastpage

464

Abstract

In this paper, we propose a new advanced malware that distributes its features to multiple software components in order to bypass various security policies such as application white listing and security tools like anti-virus. A tool that automatically generates such malware has been developed, and malware instances generated by this tool have been evaluated, showing the risks of the proposed malware. The new threat proposed in this paper is particularly important in modern computing platforms since they have progressed to more secure environments with various defensive techniques such as application-based permission and application white listing. In addition, anti-virus solutions are improving their detection techniques, especially based on behavioural properties. Our offensive technique is designed to overcome these hurdles so that appropriate defensive mitigations can be explored before the adversary develops such offensive technique as they always have done.

Keywords

invasive software; antivirus solutions; application whitelisting; application-based permission; computing platforms; feature-distributed malware analysis; feature-distributed malware design; security policies; security tools; software components; Browsers; Data collection; Feature extraction; Libraries; Malware; Software; Feature Distribution; Malware; Security; Software Component;

fLanguage

English

Publisher

ieee

Conference_Titel

Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on

Conference_Location

Beijing

Type

conf

DOI

10.1109/TrustCom.2014.58

Filename

7011282