Malware Signature and Behavior Performance Evaluation utilizing Packers
- 26 August 2022
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE) in 2022 2nd Asian Conference on Innovation in Technology (ASIANCON)
Abstract
Malware detection models are being built primarily around signature-based or behavior-based detection. In this paper, anti-forensic techniques are used to hide malware from malware scanners, using various approaches and making different changes to the source code of the malware to prevent its detection. In this paper I have worked on two models with interchanging payloads and code segments for analysis, to check the performance in each case. In this experiment, many samples of malware from recent attacks, covering different malware families and intended attack areas, have been used to check detection rates. New payloads have also been created and merged with the existing malware to understand the behavior and combination of the payloads for multi-system attacks and to calculate the detection rates, making use of VirusTotal to check the detection. Different obfuscation techniques, which include encoding the payload, code splitting, adding encryption, backdooring the file, a code injection payload, and finally the use of different steganographic methods to carry the payload and maintain signature evasion, have been used as techniques of payload delivery. The technique of manual unpacking has been used in this paper to unpack the malware and deliver the final attack, and a framework of automated deployment methods has been laid out for further work.