U. Bayer, E. Kirda, C. Krügel, D. Balzarotti, I. Habibi:
"Insights Into Current Malware Behavior";
Talk: USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston, MA, USA; 2009-04-21; in: "2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)", (2009).

English abstract:
Anubis is a dynamic malware analysis platform that executes submitted binaries in a controlled environment. To perform the analysis, the system monitors the invocation of important Windows API calls and system services, it records the network traffic, and it tracks data flows. For each submission, reports are generated that provide comprehensive reports about the activities of the binary under analysis. Anubis receives malware samples through a public web interface and a number of feeds from security organizations and anti-malware companies. Because the samples are collected from a wide range of users, the collected samples represent a comprehensive and diverse mix of malware found in the wild. In this paper, we aim to shed light on common malware behaviors. To this end, we evaluate the Anubis analysis results for almost one million malware samples, study trends and evolution of malicious behaviors over a period of almost two years, and examine the influence of code polymorphism on malware statistics.

Related Projects:
Project Head Wolfgang Kastner:
Pathfinder - Malicious Code Analysis and Detection

Project Head Paolo Milani Comparetti:
Worldwide Observatory of Malicious Behaviors and Attack Threats

