Evasive Windows Malware: Impact on Antiviruses and Possible Countermeasures

by Cédric Herzog, et al.

The perpetual opposition between antiviruses and malware leads both parties to evolve continuously. On the one hand, antiviruses put in place solutions that are more and more sophisticated and propose more complex detection techniques in addition to the classic signature analysis. This sophistication leads antiviruses to leave more traces of their presence on the machine they protect. To remain undetected as long as possible, malware can avoid executing within such environments by hunting down the modifications left by the antiviruses. This paper aims at determining the possibilities for malware to detect the antiviruses and then evaluating the efficiency of these techniques on a panel of antiviruses that are the most used nowadays. We then collect samples showing this kind of behavior and propose to evaluate a countermeasure that creates false artifacts, thus forcing malware to evade.




