Please use this identifier to cite or link to this item:
Type: Artigo de evento
Title: Pinpointing Malicious Activities Through Network And System-level Malware Execution Behavior
Author: Gregio A.R.A.
Afonso V.M.
Filho D.S.F.
De Geus P.L.
Jino M.
Dos Santos R.D.C.
Abstract: Malicious programs pose a major threat to Internet-connected systems, increasing the importance of studying their behavior in order to fight against them. In this paper, we propose definitions to the different types of behavior that a program can present during its execution. Based on those definitions, we define suspicious behavior as the group of actions that change the state of a target system. We also propose a set of network and system-level dangerous activities that can be used to denote the malignity in suspicious behaviors, which were extracted from a large set of malware samples. In addition, we evaluate the malware samples according to their suspicious behavior. Moreover, we developed filters to translate from lower-level execution traces to the observed dangerous activities and evaluated them in the context of actual malware. © 2012 Springer-Verlag.
Rights: fechado
Identifier DOI: 10.1007/978-3-642-31128-4_20
Date Issue: 2012
Appears in Collections:Unicamp - Artigos e Outros Documentos

Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.