A Self-Relocation Based Method for Malware Detection


Abstract:

Malware (malicious software) is software designed to disrupt computer operation, gather sensitive information, or gain unauthorized access to a computer system. Most malware propagates itself across the Internet by self-relocation. Self-relocation is a module built into most malware that obtains the base address of its own code so that it can correctly infect other programs. Since most legitimate programs have no need for a self-relocation module, detecting code that contains one is a promising approach to malware detection. This paper presents a self-relocation based method for detecting both known and previously unknown malware. The experiments indicate that the proposed approach detects known and unknown malware better than other methods.
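As an added illustration, not part of the paper: the classic way 32-bit x86 code learns its own base address is a near CALL whose target instruction is a POP, which leaves the pushed return address in a register (the "delta offset" idiom). The scanner below flags that idiom in a raw byte buffer; the sample inputs are constructed byte strings, not real samples.

```python
"""Heuristic scanner for the x86 self-relocation ("delta offset") idiom.

Flags a near CALL (opcode E8 rel32) whose target, within the scanned
buffer, begins with POP r32 (opcodes 58..5F).  Compiler-generated
position-independent code usually fetches the return address without
popping it, so this pattern is rare in legitimate binaries.  Caveat:
scanning data sections can produce false positives; restrict the scan
to executable sections in practice.
"""
import struct

CALL_REL32 = 0xE8
POP_R32 = range(0x58, 0x60)  # pop eax .. pop edi
REGS = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]


def find_self_relocation(code: bytes, max_reach: int = 64) -> list[dict]:
    """Return one record per CALL whose target is a POP r32.

    Only short forward calls (0..max_reach bytes) are considered, since the
    idiom needs the target to be the code's own body.  Each record gives the
    call offset, the target offset and the register that receives the address.
    """
    hits = []
    for i in range(len(code) - 4):          # need 5 bytes for E8 rel32
        if code[i] != CALL_REL32:
            continue
        rel = struct.unpack_from("<i", code, i + 1)[0]
        target = i + 5 + rel
        if not (0 <= rel <= max_reach) or target >= len(code):
            continue
        if code[target] in POP_R32:
            hits.append({"call_offset": i, "target": target,
                         "register": REGS[code[target] - 0x58]})
    return hits


# Constructed sample: call $+5 / pop ebp / sub ebp, imm32 (delta offset idiom)
DELTA_OFFSET = bytes.fromhex("E800000000" "5D" "81ED05104000")
# Constructed sample: call skips two NOPs to a label that pops into eax
FORWARD_POP = bytes.fromhex("E802000000" "9090" "58")
# Constructed sample: ordinary call to a function prologue (push ebp / mov ebp, esp)
BENIGN = bytes.fromhex("E80B000000") + b"\x90" * 11 + bytes.fromhex("55" "8BEC")

if __name__ == "__main__":
    for name, buf in [("delta", DELTA_OFFSET), ("forward", FORWARD_POP), ("benign", BENIGN)]:
        print(name, find_self_relocation(buf))
```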


Pages: 2688-2693

Online since: November 2012


Copyright: © 2012 Trans Tech Publications Ltd. All Rights Reserved
