Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Institution
- Publication
- Publication Type
Articles 1 - 4 of 4
Full-Text Articles in Physical Sciences and Mathematics
Detecting And Characterizing Self Hiding Behavior In Android Applications, Raina Samuel
Detecting And Characterizing Self Hiding Behavior In Android Applications, Raina Samuel
Theses
Applications (apps) that conceal their activities are fundamentally deceptive; app marketplaces and end-users should treat such apps as suspicious. However, due to its nature and intent, activity concealing is not disclosed up-front, which puts users at risk. This study focuses on characterization and detection of such techniques, e.g., hiding the app or removing traces, known as 'self hiding' (SH) behavior. SH behavior has not been studied per se - rather it has been reported on only as a byproduct of malware investigations. This gap is addressed via a study and suite of static analyses targeted at SH in Android apps. …
A Malware Analysis And Artifact Capture Tool, Dallas Wright, Josh Stroschein
A Malware Analysis And Artifact Capture Tool, Dallas Wright, Josh Stroschein
Research & Publications
Malware authors attempt to obfuscate and hide their code in its static and dynamic states. This paper provides a novel approach to aid analysis by intercepting and capturing malware artifacts and providing dynamic control of process flow. Capturing malware artifacts allows an analyst to more quickly and comprehensively understand malware behavior and obfuscation techniques and doing so interactively allows multiple code paths to be explored. The faster that malware can be analyzed the quicker the systems and data compromised by it can be determined and its infection stopped. This research proposes an instantiation of an interactive malware analysis and artifact …
Ransomware Behavioural Analysis On Windows Platforms, Nikolai Hampton, Zubair A. Baig, Sherali Zeadally
Ransomware Behavioural Analysis On Windows Platforms, Nikolai Hampton, Zubair A. Baig, Sherali Zeadally
Research outputs 2014 to 2021
Ransomware infections have grown exponentially during the recent past to cause major disruption in operations across a range of industries including the government. Through this research, we present an analysis of 14 strains of ransomware that infect Windows platforms, and we do a comparison of Windows Application Programming Interface (API) calls made through ransomware processes with baselines of normal operating system behaviour. The study identifies and reports salient features of ransomware as referred through the frequencies of API calls
On The Effectiveness Of Generic Malware Models, Naman Bagga, Fabio Di Troia, Mark Stamp
On The Effectiveness Of Generic Malware Models, Naman Bagga, Fabio Di Troia, Mark Stamp
Faculty Publications, Computer Science
Malware detection based on machine learning typically involves training and testing models for each malware family under consideration. While such an approach can generally achieve good accuracy, it requires many classification steps, resulting in a slow, inefficient, and potentially impractical process. In contrast, classifying samples as malware or benign based on more generic “families” would be far more efficient. However, extracting common features from extremely general malware families will likely result in a model that is too generic to be useful. In this research, we perform controlled experiments to determine the tradeoff between generality and accuracy—over a variety of machine …