Evasive Windows Malware: Impact on Antiviruses and Possible Countermeasures

09/25/2020
by Cédric Herzog, et al.

The perpetual opposition between antiviruses and malware leads both parties to evolve continuously. On the one hand, antiviruses deploy increasingly sophisticated solutions and offer more complex detection techniques in addition to classic signature analysis. This sophistication leads antiviruses to leave more traces of their presence on the machine they protect. To remain undetected as long as possible, malware can avoid executing within such environments by hunting down the modifications left by the antiviruses. This paper aims to determine the possibilities for malware to detect antiviruses and then to evaluate the efficiency of these techniques on a panel of the most widely used antiviruses today. We then collect samples showing this kind of behavior and propose to evaluate a countermeasure that creates false artifacts, thus forcing malware to evade.

