Malware Static Analysis on Microsoft Macro Attack

2021 ◽  
Vol 3 (1) ◽  
pp. 17-25
Author(s):  
Redho Maland Aresta ◽  
Ero Wahyu Pratomo ◽  
Vicky Geraldino ◽  
Achmad Fauzi ◽  
Joko Dwi Santoso

In the 21st century, technology is increasing rapidly, and this increase brings the potential for cyber attacks on today's technological infrastructure. Malware that is designed to damage computer systems without the owner's knowledge, at considerable cost, constitutes a cyber crime. This macro malware analysis studies the code and behavior of malware when run on an operating system. To analyze this malware, this study uses a static analysis method, analyzing the malware without running the program.

Author(s):  
Serhii Yehorov ◽  
Tetyana Shkvarnytska

The method of basic static analysis of harmful software is considered, which is based on searching for and analyzing terms in files that are built using the PE (Portable Executable) format. The method of basic static analysis of malicious software is considered, which is based on the analysis of the headers of executable files and dynamic libraries that are built using the PE format. An extended static analysis method is considered, which, in addition to analyzing the terms and file headers, uses disassembly of executable files and dynamic libraries and further analysis of the resulting assembler text. In order to penetrate the operating system, cybercriminals use specialized software and network attacks. Moreover, a network attack does not have to be massive and widespread. To penetrate a particular operating system, for example, one can take advantage of vulnerabilities in both the operating system itself and the software that is installed on it. Moreover, successful attacks of this type are often made quiet and unobtrusive. To prevent hacker attacks that are accompanied by hidden software installation and to minimize harm from such attacks, it is necessary to apply adequate countermeasures in a timely manner. One of the most widespread and easy methods of fighting hackers is the timely updating of software and virus databases, and the installation and configuration of a firewall. Everything related to software updates is a reaction to threats that have already been identified. Therefore, the software update does not provide protection against threats that have only just been identified. That is why the signatures in virus databases are created as a result of the analysis of detected virus programs. Antivirus software also uses program behavior analysis to enhance the detection of malware. But even in this case, it is necessary to analyze the disassembled text of malicious software to identify new types of abnormal activity. Therefore, the analysis of malicious software is an urgent task and determines the direction of the study.


2013 ◽  
Vol 1 (3) ◽  
pp. 48-65
Author(s):  
Yuting Chen

A concurrent program is intuitively associated with probability: the executions of the program can produce nondeterministic execution paths due to the interleavings of threads, whereas some paths can always be executed more frequently than the others. An exploration of the probabilities on the execution paths is expected to provide engineers or compilers with support in helping, either at the coding phase or at compile time, to optimize some of the hottest paths. However, it is not easy to take a static analysis of the probabilities on a concurrent program in that the scheduling of threads of a concurrent program usually depends on the operating system and hardware (e.g., processor) on which the program is executed, which may vary from machine to machine. In this paper the authors propose a platform-independent approach, called ProbPP, to analyzing probabilities on the execution paths of multithreaded programs. The main idea of ProbPP is to calculate the probabilities on the basis of two kinds of probabilities: Primitive Dependent Probabilities (PDPs) representing the control-dependent probabilities among the program statements and Thread Execution Probabilities (TEPs) representing the probabilities of threads being scheduled to execute. The authors have also conducted two preliminary experiments to evaluate the effectiveness and performance of ProbPP, and the experimental results show that ProbPP can provide engineers with acceptable accuracy.


Symmetry ◽  
2020 ◽  
Vol 13 (1) ◽  
pp. 35
Author(s):  
Sungjoong Kim ◽  
Seongkyu Yeom ◽  
Haengrok Oh ◽  
Dongil Shin ◽  
Dongkyoo Shin

The development of information and communication technology (ICT) is making daily life more convenient by allowing access to information at any time and anywhere and by improving the efficiency of organizations. Unfortunately, malicious code is also proliferating and becoming increasingly complex and sophisticated. In fact, even novices can now easily create it using hacking tools, which is causing it to increase and spread exponentially. It has become difficult for humans to respond to such a surge. As a result, many studies have pursued methods to automatically analyze and classify malicious code. There are currently two methods for analyzing it: a dynamic analysis method that executes the program directly and confirms the execution result, and a static analysis method that analyzes the program without executing it. This paper proposes a static analysis automation technique for malicious code that uses machine learning. This classification system was designed by combining a method for classifying malicious code using a portable executable (PE) structure and a method for classifying it using a PE structure. The system has 98.77% accuracy when classifying normal and malicious files. The proposed system can be used to classify various types of malware from PE files to shell code.


Cybersecurity ◽  
2021 ◽  
Vol 4 (1) ◽  
Author(s):  
Roee S. Leon ◽  
Michael Kiperberg ◽  
Anat Anatey Leon Zabag ◽  
Nezer Jacob Zaidenberg

Malware analysis is a task of utmost importance in cyber-security. Two approaches exist for malware analysis: static and dynamic. Modern malware uses an abundance of techniques to evade both dynamic and static analysis tools. Current dynamic analysis solutions either make modifications to the running malware or use a higher privilege component that does the actual analysis. The former can be easily detected by sophisticated malware while the latter often induces a significant performance overhead. We propose a method that performs malware analysis within the context of the OS itself. Furthermore, the analysis component is camouflaged by a hypervisor, which makes it completely transparent to the running OS and its applications. The evaluation of the system's efficiency suggests that the induced performance overhead is negligible.


2018 ◽  
Vol 1 (2) ◽  
pp. 207-214
Author(s):  
Alimuddin Alimuddin

This research aims at analysing the interactive education concept in the Qur'an, examining specifically surah al-Baqarah (2) verse 133 and surah al-Saffat (37) verse 102. This research applied a qualitative research approach and uses the literature research type (Library Research). The technique of data collection carried out in this research was the documentation technique. Furthermore, the collected data was analysed by using the content analysis method. The findings show that educative interaction in the Qur'an has the purposes of promoting a generation of monotheism (Tauhid) to Allah, diligent in worship, and of noble character. The achievement is significantly influenced by the personality of an educator who is patient, caring, and knows the students' psychology. Moreover, an educative interaction within the Qur'an corresponds between values, knowledge and behavior, which leads the learners to be great figures, being able to build a mindset of scientific thought and noble character.


2020 ◽  
Vol 8 (1) ◽  
pp. 699-706
Author(s):  
Adeng Muchtar Ghazali ◽  
Aan Hasanah

Purpose of the study: The purpose of this paper is to elaborate the methodological diversities in understanding religions, in both internal and external circles and contexts, as seen from Islamic theological perspectives. Methodology: The research methodology used in this study is a qualitative analysis, using the content analysis method. Main Findings: The diversity of religious beliefs and religious understandings needs to be interpreted as a logical consequence of divine provisions. Methodologically, however, an individual's belief cannot be adjudged right or wrong without understanding the socio-cultural, referent, educational, and other external background experience shaping his belief and diversity. Applications of this study: Understanding and tolerant behavior in the diversity of beliefs in Indonesian society is necessary to create intra- and inter-religious harmony, to realize a solid nation and state of life. Therefore, a comprehensive effort is needed to minimize intolerant understanding and behavior in the community from an early age, through integrative education and learning. Novelty/Originality of this study: Generally, research methodology on religion uses religious doctrine as the main tool in the analysis of religious thought. This article presents a point of equilibrium between doctrine and


Author(s):  
Sujitha S. ◽  
Parkavi R.

This book chapter will be an introduction to hacking, DDoS attacks and malware analysis. This chapter will also describe cyber-crime against properties and persons and will give a detailed description of cyber security and privacy. This chapter will deal with cyber-crime investigations, law enforcement policy and procedures. This chapter will also describe the peer support programs for law enforcement authorities and give a detailed description of the control devices and techniques that are used by an officer. This chapter will give an opportunity to learn about the evidence collecting procedures in cyber-crime and also the barriers to cybercrime investigations.

