|
|
|
 |
Search published articles |
 |
|
Showing 4 results for Malware
Ms Elham Abed, Dr Reza Ebrahimi Atani,
Volume 4, Issue 1 (9-2015)
Abstract
Withe the growth rate of smartphones, we are daily witness malwares which sits on them confidential information such as financial information and transactions, mobile banking, contact information and even steal SMS messages. One of the major damage that malware can cause the formation of mobile cellular botnets. According to statistics published in 2014, F-secure site on mobile malware threats every 5 botnet threat is one of them. The term botnet refers to a group of mobile smartphones to remotely influenced by the Director of the bot command and control channel for the control activities. In this paper, the new plans provided by mobile botnets from three points of distribution, channel botnet command and control and topology will be reviewed and ways to deal with this threat are briefly presented.
Hadi Golbaghi, Mojtaba Vahidi Asl, Alireza Khalilian,
Volume 7, Issue 1 (9-2018)
Abstract
Malware writers leverage several techniques for thwarting the detection method of antimalware software. An effective technique is applying obfuscation techniques to make metamorphic malware. Metamorphism modifies the code structure in a way that while retaining the behavior, the pattern and structure of the code is changed. Recently, researchers have proposed a new method for metamorphic malware detection that works based on static analysis of malware code. However, some obfuscation techniques exist that when applied, the efficacy of static analyzes is adversely affected. To overcome this issue, in this paper, we apply a dynamic analysis in addition to static analysis. The new method elicits some information from both static and dynamic analyzes, combines them, and uses the resultant information to learn a classifier. The obtained classifier is then used to detect a new instance of an existing family of metamorphic malwares. In fact, the combination of both static and dynamic information is intended to address the weaknesses of each individual analysis and leads to an overall better effectiveness. In order to evaluate the proposed method, experiments on 450 files including benign files and 5 families of metamorphic malwares, namely MPCGEN, G2, VLC, NGVCK, and MWOR, have been conducted. The experiments were performed in three cases: static analysis, dynamic analysis, and the combination of both. The results of comparison among three cases show that metamorphic malware detection is not reached to 100 percent precision via either static or dynamic analysis individually. However, using the combination of both static and dynamic information could have consistently led to detection with 100 percent precision, which have been measured using ROC metric.
Seyed Ata S. Jafari, Mohammadhadi Alaeiyan, Aeed Parsa,
Volume 8, Issue 2 (2-2020)
Abstract
There is no doubt that malicious programs are one of the permanent threats to computer systems. Malicious programs distract the normal process of computer systems to apply their roguish purposes. Meanwhile, there is also a type of malware known as the ransomware that limits victims to access their computer system either by encrypting the victim's files or by locking the system. Despite other malicious families, ransomware families explicitly warn victims against its existence on the computer system. Although ransomwares are serious problems with computers, they can be detected with restricted footprints on victims’ computers. In this research, we provide a ransomware monitoring system which requires special environments to extract the malware filesystem's activities. A set of features based on filesystem's activities is extracted to classify ransomware families with an accuracy 98% by applying machine learning technique.
Majid Iranpour Mobarakeh, Behrouz Tork Ladani,
Volume 11, Issue 1 (9-2022)
Abstract
Detection of browser attacks is considered a serious challenge in today’s web applications. Man in the Browser (MitB) attack is an important type of these attacks that can lead to changes in web page contents, interference in network traffic, session hijacking, and user information theft by using Trojans. In this paper, an efficient tool for real-time detection of MitB attacks through dynamic analysis of web pages based on the description of attack patterns is presented. The advantage of the proposed tool is that it is not limited to identifying one or more specific attacks and the identification method code is not embedded in the tool, but the patterns of different attacks are specified separately. In order to evaluate the presented tool, two vulnerable web services provided by OWASP, which have a wide range of known vulnerabilities, were used along with the BeEF penetration test framework, and a set of MitB attacks were practically implemented and evaluated by the tool. The same tests were performed using three other similar tools and compared with the developed tool. In addition to the superiority of the presented tool in terms of the independence of attack descriptions from the tool itself, the results show that the accuracy and readability of its diagnosis are better than similar tools.
|
|
