Investigation of bypassing malware defences and malware detections
Nowadays, malware incidents are among the most expensive kinds of damage caused by attackers. Malware causes different attacks, so the consideration and implementation of malware defences for internal networks are important. In this paper, different techniques such as repacking, reverse engineering and...
| Main Authors: | Daryabar, Farid; Dehghantanha, Ali; Udzir, Nur Izura |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: | IEEE 2011 |
| Online Access: | http://psasir.upm.edu.my/id/eprint/45376/ http://psasir.upm.edu.my/id/eprint/45376/1/Investigation%20of%20bypassing%20malware%20defences%20and%20malware%20detections.pdf |
| _version_ | 1848850496647856128 |
|---|---|
| author | Daryabar, Farid Dehghantanha, Ali Udzir, Nur Izura |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | Nowadays, malware incidents are among the most expensive kinds of damage caused by attackers. Malware causes different attacks, so the consideration and implementation of malware defences for internal networks are important. In this paper, different techniques such as repacking, reverse engineering and hex editing for bypassing host-based Anti Virus (AV) signatures are illustrated, and the different channels and methods by which malware might reach the host from outside the network are described and compared. After that, bypassing HTTP/SSL and SMTP malware defences as channels is discussed. Finally, as it is important to find and detect new and unknown malware before the malware gets to the victims, a new malware detection technique based on honeynet systems is surveyed. |
| first_indexed | 2025-11-15T10:07:13Z |
| format | Conference or Workshop Item |
| id | upm-45376 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T10:07:13Z |
| publishDate | 2011 |
| publisher | IEEE |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-453762020-08-05T07:19:40Z http://psasir.upm.edu.my/id/eprint/45376/ Investigation of bypassing malware defences and malware detections Daryabar, Farid Dehghantanha, Ali Udzir, Nur Izura IEEE 2011 Conference or Workshop Item PeerReviewed text en http://psasir.upm.edu.my/id/eprint/45376/1/Investigation%20of%20bypassing%20malware%20defences%20and%20malware%20detections.pdf Daryabar, Farid and Dehghantanha, Ali and Udzir, Nur Izura (2011) Investigation of bypassing malware defences and malware detections. In: 7th International Conference on Information Assurance and Security (IAS 2011), 5-8 Dec. 2011, Melaka, Malaysia. (pp. 173-178). 10.1109/ISIAS.2011.6122815 |
| title | Investigation of bypassing malware defences and malware detections |