Hackers, viruses and malicious software

Author(s): Steven Furnell
Information, 2021, Vol 12 (3), pp. 118
Author(s): Vassilios Moussas, Antonios Andreatos

Malware creators generate new malicious software samples by making minor changes in previously generated code, in order to reuse malicious code, as well as to go unnoticed by signature-based antivirus software. As a result, various families of variations of the same initial code exist today. Visualization of compiled executables for malware analysis was proposed several years ago. Visualization can greatly assist malware classification and requires neither disassembly nor code execution. Moreover, new variations of known malware families are instantly detected, in contrast to traditional signature-based antivirus software. This paper addresses the problem of identifying variations of existing malware visualized as images. A new malware detection system based on a two-level Artificial Neural Network (ANN) is proposed. The classification is based on file and image features. The proposed system is tested on the ‘Malimg’ dataset consisting of the visual representation of well-known malware families. From this set some important image features are extracted. Based on these features, the ANN is trained. Then, this ANN is used to detect and classify other samples of the dataset. Malware families that cause confusion are classified by a second level of ANNs. The proposed two-level ANN method excels in simplicity, accuracy, and speed; it is easy to implement and fast to run, thus it can be applied to antivirus software, smart firewalls, web applications, etc.


Entropy, 2021, Vol 23 (5), pp. 507
Author(s): Piotr Białczak, Wojciech Mazurczyk

Malicious software utilizes the HTTP protocol for communication purposes, creating network traffic that is hard to identify as it blends into the traffic generated by benign applications. To this aim, fingerprinting tools have been developed to help track and identify such traffic by providing a short representation of malicious HTTP requests. However, currently existing tools do not analyze all information included in the HTTP message or analyze it insufficiently. To address these issues, we propose Hfinger, a novel malware HTTP request fingerprinting tool. It extracts information from the parts of the request such as URI, protocol information, headers, and payload, providing a concise request representation that preserves the extracted information in a form interpretable by a human analyst. For the developed solution, we have performed an extensive experimental evaluation using real-world data sets and we also compared Hfinger with the most related and popular existing tools such as FATT, Mercury, and p0f. The conducted effectiveness analysis reveals that on average only 1.85% of requests fingerprinted by Hfinger collide between malware families, which is 8–34 times lower than existing tools. Moreover, unlike these tools, in default mode, Hfinger does not introduce collisions between malware and benign applications and achieves it by increasing the number of fingerprints by at most 3 times. As a result, Hfinger can effectively track and hunt malware by providing more unique fingerprints than other standard tools.


2021
Author(s): Shafagat Mahmudova

This study provides information on artificial immune systems. The artificial immune system is an adaptive computational system that uses models, principles, mechanisms and functions to describe and solve the problems in theoretical immunology. Its application in various fields of science is explored. The theory of natural immune systems and the key features and algorithms of artificial immune systems are analyzed. The advantages and disadvantages of protection systems based on artificial immune systems are shown. The methods for malicious software detection are studied. Some works in the field of artificial immune systems are analyzed, and the problems to be solved are identified. A new algorithm is developed for the application of Bayesian method in software using artificial immune systems, and experiments are implemented. The results of the experiment are estimated to be good. The advantages and disadvantages of AIS were shown. To eliminate the disadvantages, perfect AISs should be developed to make the software more efficient and effective.


2010, Vol 7 (4), pp. 813-822
Author(s): Daniel Fuentes, Juan Álvarez, Juan Ortega, Luis Gonzalez-Abril, Francisco Velasco

This paper focuses on the behavior of Trojan horses in mobile devices. This malicious software tries to steal information from a mobile device while the user is unaware. We describe the communication links through a Trojan horse installed into a mobile device. To demonstrate the effects of a Trojan horse infection we present a practical example on a PDA. Via SMS, the malicious user can access a user's contact information through the previous installation of the Trojan horse. The results show that this process means a loss of information and a quantified cost to the attacked user too. This paper proposes different solutions to avoid this malware and its effects.


2021, Vol 2021, pp. 1-7
Author(s): Shen Lvping

With the development of information technology and network technology, digital archive management systems have been widely used in archive management. Different from the inherent uniqueness and strong tamper-proof modification of traditional paper archives, electronic archives are stored in centralized databases which face more risks of network attacks, data loss, or stealing through malicious software and are more likely to be forged and tampered by internal managers or external attackers. The management of intangible cultural heritage archives is an important part of intangible cultural heritage protection. Because intangible heritage archives are different from traditional official archives, traditional archive management methods cannot be fully applied to intangible heritage archives’ management. This study combines the characteristics of blockchain technology with distributed ledgers, consensus mechanisms, encryption algorithms, etc., and proposes intangible cultural heritage file management based on blockchain technology for the complex, highly dispersed, large quantity, and low quality of intangible cultural heritage files. Optimizing methods, applying blockchain technology to the authenticity protection of electronic archives and designing and developing an archive management system based on blockchain technology, help to solve a series of problems in the process of intangible cultural heritage archives management.


2020, Vol 12 (2), pp. 143-153
Author(s): Christian Ronaldo Sopaheluwakan, Dian Widiyanto Chandra

A backdoor, also commonly known as a web shell, is a kind of malicious software that hackers use to maintain access to systems that they have entered. Relatively few programs, like Anti Web-Shell and PHP Backdoor Scanner, circulate on the Internet and can be obtained free of charge to deal with the issues above. But most of these programs have no actual database of signature behavior to deal with PHP backdoors / shells nowadays. Then comes the contemporary Anti Web-Shell program that can deal with today's backdoor shells. This study uses an experimental method concerning previous similar studies and is implemented directly into the world of cyber security professional industries. By enriching the Regex dictionary signature and String Array Matching, the actualized Anti Web-Shell program can detect more backdoors than similar programs that have existed in the past. The results of this study are in the form of a web application software in PHP extension. The application can minimize 100% of false positives and is twice as fast in scanning files because it is more specific in heuristic analysis scan.

