Journal
Article title
Authors
Title variants
Publication languages
Abstracts
In recent years, one can observe an increase in the number of malicious software (malware) samples analyzed by antivirus companies. One explanation is associated with the attackers' tactic of hiding from antivirus systems, which modifies a hostile program's form without changing its functionality. In effect, the first step of analysis is to check whether a given sample is a new threat or a modification of an existing one. Very often such a simple test can be performed automatically by a dedicated information system. The paper describes an information system which allows dynamic analysis of a malicious sample. The presented system was developed and deployed in the Institute of Computer Science, Warsaw University of Technology. During security research concerning ransomware threats, the system proved its usefulness. Additionally, the system became a knowledge base of known malware recently analyzed by our security team. (original abstract)
Journal
Year
Volume
Issue
Pages
473-480
Physical description
Creators
author
- Warsaw University of Technology, Poland
Bibliography
- [1] McAfee Labs, Threats Report, May 2015, URL: www.mcafee.com/us/resources/reports/rp-quarterly-threat-q1-2015.pdf
- [2] Symantec, Internet Threat Report, April 2015, URL: https://www4.symantec.com/mktginfo/whitepaper/ISTR/21347932_GA-internet-security-threat-report-volume-20-2015-social_v2.pdf
- [3] Kharraz A., Robertson W., Balzarotti D., Bilge L., Kirda E. (2015) Cutting the Gordian Knot: A Look Under the Hood of Ransomware, 12th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Milan, Italy.
- [4] Cabaj K., Gawkowski P., Grochowski K., Osojca D. (2015) Network activity analysis of CryptoWall ransomware, Przegląd Elektrotechniczny, Vol. 91, No 11.
- [5] Cabaj K., Denis M., Buda M. (2013) Management and Analytical Software for Data Gathered from HoneyPot System, Information Systems in Management, WULS Press Warsaw, vol. 2, nr 3, 182-193.
- [6] Cabaj K., Gawkowski P. (2015) HoneyPot systems in practice, Przegląd Elektrotechniczny, Vol. 91, No 2.
- [7] Malwr.com, https://malwr.com/ (last access November 2015).
- [8] Reverse.It, http://www.reverse.it/ (last access November 2015)
Document type
Bibliography
Identifiers
YADDA identifier
bwmeta1.element.ekon-element-000171434578