Open Access. Powered by Scholars. Published by Universities.®


Edith Cowan University

2010

Anti-forensics


Full-Text Articles in Physical Sciences and Mathematics

Lessons Learned From An Investigation Into The Analysis Avoidance Techniques Of Malicious Software, Murray Brand, Craig Valli, Andrew Woodward Jan 2010


Australian Digital Forensics Conference

This paper outlines a number of key lessons learned from an investigation into the techniques malicious executable software can employ to hinder digital forensic examination. Malware signature detection has been recognised by researchers to be far less than ideal. Thus, the forensic analyst may be required to manually analyse suspicious files. However, in order to hinder the forensic analyst, hide its true intent and avoid detection, modern malware can be wrapped with packers or protectors and layered with a plethora of anti-analysis techniques. This requires the forensic analyst to develop static and dynamic analysis skills tailored to navigate a …


An Investigation Into The Efficacy Of Three Erasure Tools Under Windows 7, Cheng Toy Chiang, Kelvin Triton, Andrew Woodward Jan 2010


Australian Digital Forensics Conference

This paper examined three erasure software tools aimed at removing evidence of online and other activity, using the Windows 7 operating system as the test platform. The tools in question were Anti-Tracks, Free Internet Eraser and Free Internet Window Washer. The findings included each tested tool's ability to completely erase target data on the drive. The study also examined whether the data itself was erased or merely the link to the data was deleted, leaving the file recoverable. It was found that the Anti-Tracks program did not erase any of the information targeted by the …


Malware Forensics: Discovery Of The Intent Of Deception, Murray Brand, Craig Valli, Andrew Woodward Jan 2010


Australian Digital Forensics Conference

Malicious software (malware) has a wide variety of analysis avoidance techniques that it can employ to hinder forensic analysis. Although legitimate software can incorporate the same analysis avoidance techniques to provide a measure of protection against reverse engineering and to protect intellectual property, malware invariably makes much greater use of such techniques to make detailed analysis labour intensive and very time consuming. Analysis avoidance techniques are so heavily used by malware that detecting their use could be a very good indicator of the presence of malicious intent. However, there is a tendency for analysis …


Analysis Avoidance Techniques Of Malicious Software, Murray Brand Jan 2010


Theses: Doctorates and Masters

Anti-Virus (AV) software generally employs signature matching and heuristics to detect the presence of malicious software (malware). The generation of signatures and determination of heuristics depend upon an AV analyst having successfully determined the nature of the malware, not only for recognition purposes, but also to identify the infected files and startup mechanisms that need to be removed as part of the disinfection process. If a specimen of malware has not previously been extensively analysed, it is unlikely to be detected by AV software. In addition, malware is becoming increasingly profit driven and more likely to incorporate …