Title :
Malware Detection Method Focusing on Anti-debugging Functions
Author :
Yoshizaki, Kota ; Yamauchi, Toshihiro
Author_Institution :
Grad. Sch. of Natural Sci. & Technol., Okayama Univ., Okayama, Japan
Abstract :
Malware has received much attention in recent years. Antivirus software is widely used as a countermeasure against malware. However, some kinds of malware can evade detection by antivirus software; hence, a new detection method is required. In this paper, we propose a malware detection method that focuses on Anti-Debugging functions. An Anti-Debugging function is a method that prevents malware analysts from analyzing an application program (AP). The function can form part of benign as well as malicious APs. Our method focuses on a behavioral difference between benign and malicious APs and detects malware by comparing the two behavioral patterns. Evaluation results with malware confirmed our method to be capable of successfully detecting malware.
Keywords :
invasive software; anti-debugging function; antivirus software; application program; behavioral pattern; benign AP; malicious AP; malware detection method; Debugging; Detectors; Educational institutions; Focusing; Internet; Malware; Software; anti-debugging; malware detection; security
Conference_Title :
Computing and Networking (CANDAR), 2014 Second International Symposium on
DOI :
10.1109/CANDAR.2014.36