Title :
A hybrid framework to analyze web and OS malware
Author :
Afonso, Vitor M. ; Filho, Dario S Fernandes ; Grégio, André R A ; De Geus, Paulo L. ; Jino, Mario
Author_Institution :
Univ. of Campinas (Unicamp), Campinas, Brazil
Abstract :
Malicious programs (malware) cause serious security issues to home users and even to highly secured enterprise systems. The main infection vector currently used by attackers is the Internet. To improve the detection rate and to develop protection mechanisms, it is very important to analyze and study these threats. To this end, several systems were developed to perform malware analysis, which support operating system (OS) programs or Web codes, but they all suffer from limitations. Also, the existing systems focus only on one type of malware, those that target the OS or that require a Web browser. In this article, we propose a framework that is able to analyze Web and OS-based malware, which provides better detection rates and a broader range of malware types analysis. We have also evaluated and compared our analysis results to the state-of-the-art systems, presenting the advantages of the developed framework over them when regarding Web and OS-based malware.
Keywords :
Internet; invasive software; online front-ends; operating systems (computers); Internet attackers; OS-based malware; Web analysis; Web browser; Web codes; detection rates; home users; hybrid framework; infection vector; malicious programs; malware analysis; operating system; secured enterprise systems; serious security issues; Browsers; Crawlers; Feature extraction; Malware; Monitoring; Virtual environments; Web pages;
Conference_Title :
Communications (ICC), 2012 IEEE International Conference on
Conference_Location :
Ottawa, ON
Print_ISBN :
978-1-4577-2052-9
Electronic_ISBN :
1550-3607
DOI :
10.1109/ICC.2012.6364108