Novel Malware Clustering System Based on Kernel Data Structure
Journal Title: IOSR Journals (IOSR Journal of Computer Engineering) - Year 2015, Vol 17, Issue 6
Abstract
An operating system kernel is the core of system software, responsible for the integrity and conventional operations of a computer system. Traditional malware detection approaches have been based on the code-centric aspects of malicious programs, e.g. injection of unauthorized code or the control flow patterns of malware programs. In response to these malware detection strategies, modern malware focuses on advanced techniques such as reusing existing code or complicating malware code to circumvent detection. A new perspective, different from code-centric approaches, is introduced to detect malware. The data-centric malware defense architecture (DMDA) is introduced, which models and detects malware behavior. This architecture is based on properties of the kernel data objects that are targeted during malware attacks. It requires external monitoring: the external monitor resides outside the monitored kernel and ensures tamper-resistance. The architecture consists of three core system components that enable inspection of the kernel data properties and, depending upon these properties, form malware clusters. The system clusters malware depending upon the kernel data objects.
Authors and Affiliations
Bhandare Trupti Vasantrao , Pramod B. Mali