An Unknown Malware Detection Using Execution Registry Access

Kento Kono, Sanouphab Phomkeona, Koji Okamura

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Traditional antivirus software uses virus definitions to identify malware infections, and it must keep those definitions updated to guarantee detection accuracy. However, because the number of malware variants and new malware types keeps increasing, it is very difficult to detect and respond to them all. Moreover, a serious incident can result if unknown malware that does not match any definition is installed and spreads its infection without any notification. Therefore, in this paper we propose a method for detecting malware infection that focuses on registry accesses and malware execution processes on a Windows OS host PC. In experiments with the URSNIF banking spyware, we calculated its high failure rate of registry accesses and checked specific accesses to confirm the detection result.

Original language: English
Title of host publication: Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018
Editors: Claudio Demartini, Sorel Reisman, Ling Liu, Edmundo Tovar, Hiroki Takakura, Ji-Jiang Yang, Chung-Horng Lung, Sheikh Iqbal Ahamed, Kamrul Hasan, Thomas Conte, Motonori Nakamura, Zhiyong Zhang, Toyokazu Akiyama, William Claycomb, Stelvio Cimato
Publisher: IEEE Computer Society
Pages: 487-491
Number of pages: 5
ISBN (Electronic): 9781538626665
DOI: https://doi.org/10.1109/COMPSAC.2018.10281
Publication status: Published - Jun 8 2018
Event: 42nd IEEE Computer Software and Applications Conference, COMPSAC 2018 - Tokyo, Japan
Duration: Jul 23 2018 to Jul 27 2018

Publication series

Name: Proceedings - International Computer Software and Applications Conference
Volume: 2
ISSN (Print): 0730-3157

Other

Other: 42nd IEEE Computer Software and Applications Conference, COMPSAC 2018
Country: Japan
City: Tokyo
Period: 7/23/18 to 7/27/18

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Science Applications

Cite this

Kono, K., Phomkeona, S., & Okamura, K. (2018). An Unknown Malware Detection Using Execution Registry Access. In C. Demartini, S. Reisman, L. Liu, E. Tovar, H. Takakura, J-J. Yang, C-H. Lung, S. I. Ahamed, K. Hasan, T. Conte, M. Nakamura, Z. Zhang, T. Akiyama, W. Claycomb, & S. Cimato (Eds.), Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018 (pp. 487-491). [8377909] (Proceedings - International Computer Software and Applications Conference; Vol. 2). IEEE Computer Society. https://doi.org/10.1109/COMPSAC.2018.10281