MALWARE
Malware analysis for Windows administrators: Malware detection can be a great hassle for a Windows administrator, especially with a limited budget and no experience with assembly language programming or code debugging. This paper describes the freeware tools available online and gives a detailed explanation of the steps to follow to identify a malware file and the techniques used to protect the network infrastructure. Author: Harlan Carvey. Reference: Elsevier Ltd., 2005.
The genealogy of malware: Virus source code is now so freely available on the internet that anyone with internet access can write a virus just by searching for it. Virus writers generally follow conventional forms of writing code, but the script kiddies who find it online tweak the original code and make it harder to comprehend. The more the code is tweaked, the more complicated it becomes. The author examines virus code from the recent past and compares it with the original code to show the increased complexity. Author: Fernando de la Cuadra. Reference: Network Security, April 2007.
Testing Malware Detectors: Malware detectors are the current virus scanners that try to identify malware. It is a very tough job for antivirus companies to keep up with the ways virus writers tweak viruses using stealth coding techniques, presenting a new version of the malware every time and posing a threat to the malware detectors. The authors test three of the latest antivirus scanners to see their resilience against various obfuscation transformation techniques. Treating the detectors as black boxes, they also try to extract the signatures the detectors use to identify malware. The paper tries to show the vulnerability of these malware detectors to program obfuscation techniques and how easy it is to extract the signatures from the detectors that were tested. Author: Mihai Christodorescu and Somesh Jha. Reference: ISSTA, July 2004.
Parasitic malware: the resurgence of an old threat: The blackhats, or virus-code writers, have resurrected parasitic malware. They have produced almost 150 variants of earlier parasitic malware such as Philis and Fujacks, and have also created new viruses, such as Grum-A, using parasitic malware techniques. The writer discusses how these parasitic attacks are launched and the discrepancies that could lead to the identification of such viruses. Author: Simon Heron. Reference: Network Security, March 2008.