An Unknown Malware Detection Using Execution Registry Access

Kento Kono, Sanouphab Phomkeona, Koji Okamura

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    1 Citation (Scopus)

    Abstract

    Traditional antivirus software is using virus definition to identify malware infection. In addition, antivirus needs to update the new virus definitions to guarantee its detection accuracy. However, due to the number of malware variants and new types of them are increase, it is very difficult to detect and respond them all. Moreover, there will be a serious incident if an unknown malware that did not correspond to the data definition had installed and expanded the infection without any notification. Therefore, in this paper we proposed a method to detect malware infection focus on registry accesses and malware execution processes based on Windows OS host pc. By using URSNIF banking spyware in experiments, we calculated its high failure rate of registry accesses as well as checked on specific access to confirmed the detection result.

    Original languageEnglish
    Title of host publicationProceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018
    EditorsClaudio Demartini, Sorel Reisman, Ling Liu, Edmundo Tovar, Hiroki Takakura, Ji-Jiang Yang, Chung-Horng Lung, Sheikh Iqbal Ahamed, Kamrul Hasan, Thomas Conte, Motonori Nakamura, Zhiyong Zhang, Toyokazu Akiyama, William Claycomb, Stelvio Cimato
    PublisherIEEE Computer Society
    Pages487-491
    Number of pages5
    ISBN (Electronic)9781538626665
    DOIs
    Publication statusPublished - Jun 8 2018
    Event42nd IEEE Computer Software and Applications Conference, COMPSAC 2018 - Tokyo, Japan
    Duration: Jul 23 2018Jul 27 2018

    Publication series

    NameProceedings - International Computer Software and Applications Conference
    Volume2
    ISSN (Print)0730-3157

    Other

    Other42nd IEEE Computer Software and Applications Conference, COMPSAC 2018
    Country/TerritoryJapan
    CityTokyo
    Period7/23/187/27/18

    All Science Journal Classification (ASJC) codes

    • Software
    • Computer Science Applications

    Fingerprint

    Dive into the research topics of 'An Unknown Malware Detection Using Execution Registry Access'. Together they form a unique fingerprint.

    Cite this