Monitoring malware behavior on 64-bit Windows NT 6.x operating systems

Marcus Botacin, Vitor Afonso, Paulo Lício de Geus, André Grégio

Malware is a persistent threat to system security, and it constantly evolves to evade detection and dynamic analysis techniques. Currently, there is no known dynamic analysis system (publicly available or described in the literature) that supports 64-bit malware (PE+ format). Monitoring malware on Windows NT 6.x is difficult because of the new security mechanisms introduced in these systems, which make it expensive to build or port an analysis system or tool. In this paper, we present the design and implementation of a novel dynamic malware analysis system for Windows 8, along with the obstacles and challenges we faced. We present the tests and results of the proposed system, evaluated with 2,937 32- and 64-bit malware samples.
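The distinction the abstract draws between 32-bit PE and 64-bit PE+ samples is the first decision a dynamic-analysis pipeline has to make, because a sample must be routed to an environment that can actually load it. The Python below is an added example written for this page, not code from the paper or from the authors' system; it relies only on the public PE header layout (the MZ and PE signatures, IMAGE_FILE_HEADER.Machine and the optional-header Magic word) and runs on constructed header fragments rather than real samples. The helper names classify_pe, build_minimal_header and triage are this example's own. It also flags an image whose Magic and Machine fields disagree, since such a file is malformed and should be quarantined rather than loaded into either environment.

```python
import struct

# PE/COFF constants from the Microsoft PE specification.
IMAGE_DOS_SIGNATURE = 0x5A4D           # "MZ"
IMAGE_NT_SIGNATURE = 0x00004550        # "PE\0\0"
IMAGE_NT_OPTIONAL_HDR32_MAGIC = 0x10B  # PE32 optional header
IMAGE_NT_OPTIONAL_HDR64_MAGIC = 0x20B  # PE32+ optional header
IMAGE_FILE_MACHINE_I386 = 0x14C
IMAGE_FILE_MACHINE_AMD64 = 0x8664

MACHINE_NAMES = {IMAGE_FILE_MACHINE_I386: "x86", IMAGE_FILE_MACHINE_AMD64: "x64"}


def classify_pe(data: bytes) -> tuple[str, str]:
    """Return (format, machine) for a PE image, e.g. ("PE32+", "x64").

    Raises ValueError for non-PE input, truncated headers, unsupported
    machine types, or a Magic word that disagrees with the Machine field.
    """
    if len(data) < 0x40:
        raise ValueError("too short for a DOS header")
    if struct.unpack_from("<H", data, 0)[0] != IMAGE_DOS_SIGNATURE:
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    # Need PE signature (4) + IMAGE_FILE_HEADER (20) + optional header Magic (2).
    if e_lfanew + 26 > len(data):
        raise ValueError("e_lfanew points past end of file")
    if struct.unpack_from("<I", data, e_lfanew)[0] != IMAGE_NT_SIGNATURE:
        raise ValueError("missing PE signature")
    machine, = struct.unpack_from("<H", data, e_lfanew + 4)
    size_of_optional, = struct.unpack_from("<H", data, e_lfanew + 20)
    if size_of_optional < 2:
        raise ValueError("optional header too small to hold Magic")
    magic, = struct.unpack_from("<H", data, e_lfanew + 24)

    if magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC:
        fmt = "PE32"
    elif magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC:
        fmt = "PE32+"
    else:
        raise ValueError(f"unknown optional header magic 0x{magic:x}")

    arch = MACHINE_NAMES.get(machine)
    if arch is None:
        raise ValueError(f"unsupported machine type 0x{machine:x}")
    # Magic and Machine must agree: PE32 <-> x86, PE32+ <-> x64.
    if (fmt == "PE32+") != (arch == "x64"):
        raise ValueError(f"inconsistent headers: {fmt} image with {arch} machine")
    return fmt, arch


def build_minimal_header(magic: int, machine: int) -> bytes:
    """Constructed sample input (not a real binary): a bare MZ header with
    e_lfanew = 0x40, the PE signature, an IMAGE_FILE_HEADER and the
    optional-header Magic. Enough to classify, not a loadable image."""
    dos = bytearray(0x40)
    struct.pack_into("<H", dos, 0, IMAGE_DOS_SIGNATURE)
    struct.pack_into("<I", dos, 0x3C, 0x40)
    opt_size = 0xF0 if magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC else 0xE0
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    file_hdr = struct.pack("<HHIIIHH", machine, 1, 0, 0, 0, opt_size, 0x0102)
    return bytes(dos) + struct.pack("<I", IMAGE_NT_SIGNATURE) + file_hdr + struct.pack("<H", magic)


def triage(samples: dict[str, bytes]) -> dict[str, str]:
    """Label each sample for routing to a 32-bit or 64-bit analysis
    environment; malformed samples get an 'invalid' label instead of raising."""
    out = {}
    for name, data in samples.items():
        try:
            fmt, arch = classify_pe(data)
            out[name] = f"{fmt}/{arch}"
        except ValueError as exc:
            out[name] = f"invalid: {exc}"
    return out


if __name__ == "__main__":
    constructed = {
        "x86_sample": build_minimal_header(IMAGE_NT_OPTIONAL_HDR32_MAGIC, IMAGE_FILE_MACHINE_I386),
        "x64_sample": build_minimal_header(IMAGE_NT_OPTIONAL_HDR64_MAGIC, IMAGE_FILE_MACHINE_AMD64),
        "mismatch": build_minimal_header(IMAGE_NT_OPTIONAL_HDR64_MAGIC, IMAGE_FILE_MACHINE_I386),
        "not_pe": b"\x7fELF" + bytes(64),
    }
    for name, label in triage(constructed).items():
        print(f"{name}: {label}")
```

Only x86 and x64 machine types are recognised here, which matches the two sample classes the paper evaluates; a real pipeline would also have to decide what to do with ARM or .NET images before handing anything to the monitor.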

