

Talks and poster presentations (with proceedings entry):

U. Bayer, E. Kirda, C. Krügel, D. Balzarotti, I. Habibi:
", Insights Into Current Malware Behavior";
Talk: USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston, MA, USA; 21.04.2009; in: "2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)", (2009).



Abstract (English):
Anubis is a dynamic malware analysis platform that executes submitted binaries in a controlled environment. To perform the analysis, the system monitors the invocation of important Windows API calls and system services, it records the network traffic, and it tracks data flows. For each submission, reports are generated that provide comprehensive reports about the activities of the binary under analysis. Anubis receives malware samples through a public web interface and a number of feeds from security organizations and anti-malware companies. Because the samples are collected from a wide range of users, the collected samples represent a comprehensive and diverse mix of malware found in the wild. In this paper, we aim to shed light on common malware behaviors. To this end, we evaluate the Anubis analysis results for almost one million malware samples, study trends and evolution of malicious behaviors over a period of almost two years, and examine the influence of code polymorphism on malware statistics.


Associated projects:
Project lead Wolfgang Kastner:
Pathfinder - Malicious Code Analysis and Detection

Project lead Paolo Milani Comparetti:
Worldwide Observatory of Malicious Behaviors and Attack Threats


Created from the publication database of the Vienna University of Technology (Technische Universität Wien).