Please use this identifier to cite or link to this item: http://repositorio.unicamp.br/jspui/handle/REPOSIP/97097
Type: Artigo de evento
Title: Pinpointing Malicious Activities Through Network And System-level Malware Execution Behavior
Author: Gregio A.R.A.
Afonso V.M.
Filho D.S.F.
De Geus P.L.
Jino M.
Dos Santos R.D.C.
Abstract: Malicious programs pose a major threat to Internet-connected systems, increasing the importance of studying their behavior in order to fight against them. In this paper, we propose definitions to the different types of behavior that a program can present during its execution. Based on those definitions, we define suspicious behavior as the group of actions that change the state of a target system. We also propose a set of network and system-level dangerous activities that can be used to denote the malignity in suspicious behaviors, which were extracted from a large set of malware samples. In addition, we evaluate the malware samples according to their suspicious behavior. Moreover, we developed filters to translate from lower-level execution traces to the observed dangerous activities and evaluated them in the context of actual malware. © 2012 Springer-Verlag.
Editor: 
Rights: fechado
Identifier DOI: 10.1007/978-3-642-31128-4_20
Address: http://www.scopus.com/inward/record.url?eid=2-s2.0-84863904235&partnerID=40&md5=e8fa7f3e954a1a5f565f80bfd5cce789
Date Issue: 2012
Appears in Collections:Unicamp - Artigos e Outros Documentos

Files in This Item:
There are no files associated with this item.


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.