Antiforensic techniques deployed by custom developed malware in evading anti-virus detection

06/14/2019
by   Ivica Stipovic, et al.
0

Both malware and antivirus detection tools advance in their capabilities. Malware aim is to evade the detection while antivirus is to detect the malware. Over time, the detection techniques evolved from simple static signature matching over antiheuristic analysis to machine learning assisted algorithms. This thesis describes several layers of anti-virus evasion deployed by the malware and conducts the analysis of the evasion success rate. The scientific contribution of this research is in the following techniques the malware used -- the new algorithm for identifying the Windows operating system functions, a new custom developed obfuscation and de-obfuscation routine and the usage of USB and sound devices enumeration in the anti-heuristic detection. The new PE mutation engine facilitates the malware static signature variation. In the next stage of the assessment, anti-virus engines then test the malware evasion capabilities. The locally installed antivirus applications and the two multi-scanner online engines inspect the submitted malware samples. The thesis examines the results and discusses the strengths and weaknesses of each evasion technique.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 12

page 13

12/03/2018

Malware static analysis and DDoS capabilities detection

The present thesis addresses the topic of denial of service capabilities...
05/02/2021

Python and Malware: Developing Stealth and Evasive Malware Without Obfuscation

With the continuous rise of malicious campaigns and the exploitation of ...
01/26/2018

Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learning

Machine learning is a popular approach to signatureless malware detectio...
12/21/2021

Longitudinal Study of the Prevalence of Malware Evasive Techniques

By their very nature, malware samples employ a variety of techniques to ...
09/20/2021

A proactive malicious software identification approach for digital forensic examiners

Digital investigators often get involved with cases, which seemingly poi...
09/25/2020

Evasive Windows Malware: Impact on Antiviruses and Possible Countermeasures

The perpetual opposition between antiviruses and malware leads both part...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.