2018
DOI: 10.15332/iteckne.v15i2.2072

Building malware classificators usable by State security agencies

Abstract: Sandboxing has been used regularly to analyze software samples and determine if these contain suspicious properties or behaviors. Even if sandboxing is a powerful technique to perform malware analysis, it requires that a malware analyst performs a rigorous analysis of the results to determine the nature of the sample: goodware or malware. This paper proposes two machine learning models able to classify samples based on signatures and permissions obtained through Cuckoo sandbox, Androguard and VirusTotal. The d…

Cited by 3 publications (3 citation statements)
References 16 publications

“…The results of that study show that all URSNIF malware samples accessed the registry key HKCU\Software\Microsoft\Windows\CurrentVersion\Run. The study by David Orlando [11] also performed its analysis using Cuckoo. Cuckoo is considered to have good environment-isolation capability and can be used as a testing standard.…”
Section: Keywords-cuckoo Malware Registry Windows Regshot
unclassified
“…e infection or malware propagation rate is generally considered a constant in typical SEIRS models. However, we believe that such a rate varies over time depending on the circumstances of the infection and the environment [18], including the different reactive countermeasures deployed to contain the attack [19]. Particularly, when the malware outbreaks, a high number of infected hosts might be reached in a short time, which is called a peak, leading to a high infection rate β₀ ∈ [0, 1].…”
Section: Infection Rate β(T)
mentioning
confidence: 99%
“…To this extent, cybersecurity aims to protect data and technological infrastructure in different spheres, e.g., personal, familiar, business, and social. In fact, different efforts have been made to contribute in such ways, for example, to protect persons against online sex offenders [1], to defend IoT devices from attacks against data or services [2], to make smart cities' infrastructure more resilient [3], to implement cybersecurity in distributed organizations [4], and to support LEAs (Law Enforcement Agencies) in the detection of malware [5] or in the prevention of cybercrimes [6]. Additionally, cybersecurity has also been considered a field of knowledge that goes beyond the validation of identity, protection of access, and monitorization of actions.…”
Section: Introduction
mentioning
confidence: 99%