Taint-Graph-Based for Automatic Spyware Analysis

Author

Lu, Zhi-Peng ; Hao, Yu-jie ; Ding, Zhi-Jian ; Zhang, Rui ; Han, Qiao-Ling

Author_Institution

Sch. of Comput. Sci. & Eng., Univ. of Electron. Sci. & Technol. of China, Chengdu

fYear

2008

fDate

13-15 Dec. 2008

Firstpage

334

Lastpage

337

Abstract

Spyware is a kind of malicious code that is installed on victims´ machines without their content. They spy on the users´ behavior and compromise their privacy, while transmitting sensitive information to some remote servers. Current anti-spyware tools are similar to anti-virus products in that they identify known spyware by comparing the binary image to a database of signatures. Unfortunately, these techniques cannot distinguish some novel spyware, require frequent updates to signature databases, and are easy to elude by code obfuscation. In this paper, we introduce a novel analysis approach that tracks the sensitive information flow through the system. Trough our analysis to obtained data, we can identify unknown program or components as spyware and gain detail information. For example, which sensitive data is leaked and where it is sent.

Keywords

data privacy; graph theory; invasive software; online front-ends; Microsoft Internet Explorer; anti spyware tool; anti virus product; automatic spyware analysis; data privacy; malicious code; remote server; sensitive information transmittion; Chemical analysis; Chemical engineering; Chemical technology; Computer science; Image analysis; Image databases; Information analysis; Internet; Search engines; Testing; Spyware analysis; spyware automatic detection; taint analysis; taint graph;

fLanguage

English

Publisher

ieee

Conference_Titel

Apperceiving Computing and Intelligence Analysis, 2008. ICACIA 2008. International Conference on

Conference_Location

Chengdu

Print_ISBN

978-1-4244-3427-5

Electronic_ISBN

978-1-4244-3426-8

Type

conf

DOI

10.1109/ICACIA.2008.4770036

Filename

4770036