An Unknown Malware Detection Using Execution Registry Access

Kento Kono, Sanouphab Phomkeona, Koji Okamura

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

    1 Citation (Scopus)

    Abstract

    Traditional antivirus software uses virus definitions to identify malware infections, and it must keep those definitions updated to maintain its detection accuracy. However, because the number of malware variants and new malware types is increasing, it is very difficult to detect and respond to them all. Moreover, a serious incident can result if unknown malware that matches no definition is installed and spreads its infection without any notification. Therefore, in this paper we propose a method for detecting malware infection that focuses on registry accesses and malware execution processes on a Windows OS host PC. Using the URSNIF banking spyware in experiments, we calculated its high failure rate of registry accesses and checked for specific accesses to confirm the detection result.

    Original language: English
    Title of host publication: Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018
    Editors: Claudio Demartini, Sorel Reisman, Ling Liu, Edmundo Tovar, Hiroki Takakura, Ji-Jiang Yang, Chung-Horng Lung, Sheikh Iqbal Ahamed, Kamrul Hasan, Thomas Conte, Motonori Nakamura, Zhiyong Zhang, Toyokazu Akiyama, William Claycomb, Stelvio Cimato
    Publisher: IEEE Computer Society
    Pages: 487-491
    Number of pages: 5
    ISBN (Electronic): 9781538626665
    DOI
    Publication status: Published - 6/8/2018
    Event: 42nd IEEE Computer Software and Applications Conference, COMPSAC 2018 - Tokyo, Japan
    Duration: 7/23/2018 → 7/27/2018

    Publication series

    Name: Proceedings - International Computer Software and Applications Conference
    2
    ISSN (Print): 0730-3157

    Other

    Other: 42nd IEEE Computer Software and Applications Conference, COMPSAC 2018
    Country: Japan
    City: Tokyo
    Period: 7/23/18 → 7/27/18

    All Science Journal Classification (ASJC) codes

    • Software
    • Computer Science Applications
