Malware detection method focusing on anti-debugging functions

Kota Yoshizaki, Toshihiro Yamauchi

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Citations (Scopus)

Abstract

Malware has received much attention in recent years. Antivirus software is widely used as a countermeasure against malware. However, some kinds of malware can evade detection by antivirus software; hence, a new detection method is required. In this paper, we propose a malware detection method that focuses on Anti-Debugging functions. An Anti-Debugging function is a method that prevents malware analysts from analyzing an application program (AP). The function can form part of benign as well as malicious APs. Our method focuses on a behavioral difference between benign and malicious APs and detects malware by comparing the two behavioral patterns. Evaluation results with malware confirmed our method to be capable of successfully detecting malware.

Original language: English
Title of host publication: Proceedings - 2014 2nd International Symposium on Computing and Networking, CANDAR 2014
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 563-566
Number of pages: 4
ISBN (Electronic): 9781479941520
DOI: https://doi.org/10.1109/CANDAR.2014.36
Publication status: Published - Feb 27 2015
Event: 2nd International Symposium on Computing and Networking, CANDAR 2014 - Shizuoka, Japan
Duration: Dec 10 2014 to Dec 12 2014

Publication series

Name: Proceedings - 2014 2nd International Symposium on Computing and Networking, CANDAR 2014

Other

Other: 2nd International Symposium on Computing and Networking, CANDAR 2014
Country: Japan
City: Shizuoka
Period: 12/10/14 to 12/12/14

Keywords

  • Anti-debugging
  • Malware detection
  • Security

ASJC Scopus subject areas

  • Computer Networks and Communications


Cite this

Yoshizaki, K., & Yamauchi, T. (2015). Malware detection method focusing on anti-debugging functions. In Proceedings - 2014 2nd International Symposium on Computing and Networking, CANDAR 2014 (pp. 563-566). [7052247] (Proceedings - 2014 2nd International Symposium on Computing and Networking, CANDAR 2014). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/CANDAR.2014.36