dc.creator | Gregio A.R.A. | |
dc.creator | Afonso V.M. | |
dc.creator | Filho D.S.F. | |
dc.creator | De Geus P.L. | |
dc.creator | Jino M. | |
dc.creator | Dos Santos R.D.C. | |
dc.date | 2012 | |
dc.date | 2015-06-26T20:29:36Z | |
dc.date | 2015-11-26T14:26:03Z | |
dc.date.accessioned | 2018-03-28T21:28:54Z | |
dc.date.available | 2018-03-28T21:28:54Z | |
dc.identifier | 9783642311277 | |
dc.identifier | Lecture Notes In Computer Science (including Subseries Lecture Notes In Artificial Intelligence And Lecture Notes In Bioinformatics). , v. 7336 LNCS, n. PART 4, p. 274 - 285, 2012. | |
dc.identifier | 3029743 | |
dc.identifier | 10.1007/978-3-642-31128-4_20 | |
dc.identifier | http://www.scopus.com/inward/record.url?eid=2-s2.0-84863904235&partnerID=40&md5=e8fa7f3e954a1a5f565f80bfd5cce789 | |
dc.identifier | http://www.repositorio.unicamp.br/handle/REPOSIP/97097 | |
dc.identifier | http://repositorio.unicamp.br/jspui/handle/REPOSIP/97097 | |
dc.identifier | 2-s2.0-84863904235 | |
dc.identifier.uri | http://repositorioslatinoamericanos.uchile.cl/handle/2250/1245950 | |
dc.description | Malicious programs pose a major threat to Internet-connected systems, increasing the importance of studying their behavior in order to fight against them. In this paper, we propose definitions to the different types of behavior that a program can present during its execution. Based on those definitions, we define suspicious behavior as the group of actions that change the state of a target system. We also propose a set of network and system-level dangerous activities that can be used to denote the malignity in suspicious behaviors, which were extracted from a large set of malware samples. In addition, we evaluate the malware samples according to their suspicious behavior. Moreover, we developed filters to translate from lower-level execution traces to the observed dangerous activities and evaluated them in the context of actual malware. © 2012 Springer-Verlag. | |
dc.description | 7336 LNCS | |
dc.description | PART 4 | |
dc.description | 274 | |
dc.description | 285 | |
dc.description | Universidade Federal da Bahia (UFBA),Universidade Federal do Reconcavo da Bahia (UFRB),Universidade Estadual de Feira de Santana (UEFS),University of Perugia,University of Basilicata (UB) | |
dc.description | Norman Sandbox, http://www.norman.com/security_center/security_tools/ | |
dc.description | http://www.threatexpert.com/ | |
dc.description | Afonso, V.M., Filho, D.S.F., Grégio, A.R.A., De Geus, P.L., Jino, M., A hybrid framework to analyze web and os malware Proceedings of the 2012 IEEE International Conference on Communications (ICC) (June 2012) | |
dc.description | Balzarotti, D., Cova, M., Karlberger, C., Kruegel, C., Kirda, E., Vigna, G., Efficient detection of split personalities in malware 17th Annual Network and Distributed System Security Symposium, NDSS 2010 (February 2010) | |
dc.description | Bellard, F., Qemu, a fast and portable dynamic translator (2005) USENIX Annual Technical Conference, FREENIX Track, pp. 41-46 | |
dc.description | Calais, P.H., Pires, D.E.V., Guedes, D.O., Meira, W., Hoepers, C., Steding-Jessen, K., A campaign-based characterization of spamming strategies Proceedings of the Fifth Conference on Email and Anti-Spam (CEAS) (2008) | |
dc.description | Egele, M., Kruegel, C., Kirda, E., Yin, H., Song, D., Dynamic Spyware Analysis (2007) Proceedings of the USENIX Annual Technical Conference, USENIX Association, Berkeley | |
dc.description | Filiol, E., Malware pattern scanning schemes secure against black-box analysis (2006) Journal in Computer Virology, 2 (1), pp. 35-50 | |
dc.description | Filiol, E., Jacob, G., Le Liard, M., Evaluation methodology and theoretical model for antiviral behavioural detection strategies (2007) Journal in Computer Virology, 3 (1), pp. 23-37 | |
dc.description | Hoglund, G., Butler, J., (2006) Rootkits - Subverting the Windows Kernel, Addison-Wesley | |
dc.description | Jacob, G., Debar, H., Filiol, E., Malware Behavioral Detection by Attribute-Automata Using Abstraction from Platform and Language (2009) LNCS, 5758, pp. 81-100. Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. Springer, Heidelberg | |
dc.description | Kruegel, C., Kirda, E., Bayer, U., TTAnalyze: A tool for analyzing malware Proceedings of the 15th European Institute for Computer Antivirus Research (EICAR 2006) Annual Conference (April 2006) | |
dc.description | Kruegel, C., Kirda, E., Bayer, U., Balzarotti, D., Habibi, I., Insights into current malware behavior 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston (April 2009) | |
dc.description | Martignoni, L., Stinson, E., Fredrikson, M., Jha, S., Mitchell, J.C., A Layered Architecture for Detecting Malicious Behaviors (2008) LNCS, 5230, pp. 78-97. Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. Springer, Heidelberg | |
dc.description | Provos, N., Holz, T., (2007) Virtual Honeypots: From Botnet Tracking to Intrusion Detection, 1st edn. Addison-Wesley Professional | |
dc.description | Rules for Naming Detected Objects, http://www.securelist.com/en/%20threats/detect?chapter=136 | |
dc.description | Willems, C., Holz, T., Freiling, F., Toward Automated Dynamic Malware Analysis Using CWSandbox (2007) IEEE Security and Privacy, 5, pp. 32-39 | |
dc.language | en | |
dc.publisher | | |
dc.relation | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | |
dc.rights | closed | |
dc.source | Scopus | |
dc.title | Pinpointing Malicious Activities Through Network And System-level Malware Execution Behavior | |
dc.type | Conference proceedings | |