An Improved Process Supervision and Control Method for Malware Detection

IAJIT
Archive
- Volume 20, 2023
  
  January 2023, No.1
  
  March 2023, No.2
- Volume 19, 2022
  
  January 2022, No.1
  
  March 2022, No.2
  
  May 2022, No. 3
  
  Special Issue 2022, No. 3A
  
  July 2022, No. 4
  
  September 2022, No. 5
  
  November 2022, No. 6
- Volume 18, 2021
  
  January 2021, No.1
  
  March 2021, No.2
  
  May 2021, No. 3
  
  Special Issue 2021, No. 3A
  
  July 2021, No. 4
  
  September 2021, No. 5
  
  November 2021, No. 6
- Volume 17, 2020
  
  January 2020, No.1
  
  March 2020, No. 2
  
  May 2020, No. 3
  
  July 2020, No. 4
  
  Special Issue 2020, No. 4A
  
  September 2020, No. 5
  
  November 2020, No. 6
- Volume 16, 2019
  
  January 2019, No.1
  
  March 2019, No. 2
  
  May 2019, No. 3
  
  Special Issue 2019, No. 3A
  
  July 2019, No. 4
  
  September 2019, No. 5
  
  November 2019, No. 6
- Volume 15, 2018
  
  January 2018, No.1
  
  March 2018, No. 2
  
  May 2018, No. 3
  
  Special Issue 2018, No. 3A
  
  July 2018, No. 4
  
  September 2018, No. 5
  
  November 2018, No. 6
- Volume 14, 2017
  
  January 2017, No.1
  
  March 2017, No. 2
  
  May 2017, No. 3
  
  July 2017, No. 4
  
  pecial Issue 2017, No. 4A
  
  September 2017, No 5
  
  November 2017, No. 6
- Volume 13, 2016
  
  January 2016. No.1
  
  March 2016, No. 2
  
  May 2016, No. 3
  
  July 2016, No.4
  
  September 2016, No.5
  
  November 2016, No.6
- Volume 12, 2015
  
  January 2015. No.1
  
  March 2015. No.2
  
  May 2015. No.3
  
  July 2015. No.4
  
  September 2015. No. 5
  
  November 2015. No. 6
  
  December 2015. No. 6A
- Volume 11, 2014
  
  January 2014, No.1
  
  March 2014, No.2
  
  May 2014, No.3
  
  July 2014, No.4
  
  November 2014, No.6
- Volume 10, 2013
  
  January 2013, No. 1
  
  March 2013, No.2
  
  May 2013, No. 3
  
  July 2013, No. 4
  
  November 2013, No. 6
- Volume 9, 2012
  
  January 2012, No. 1
  
  March 2012, No. 2
  
  May 2012, No. 3
  
  July 2012, No. 4
  
  September 2012, No. 5
  
  November 2012, No. 6
- Volume 8, 2011
  
  January 2011, No 1
  
  April 2011, No. 2
  
  July 2011, No. 3
  
  October 2011, No.4
- Volume 7, 2010
  
  October 2010, No. 4
  
  July 2010, No. 3
  
  April 2010, No. 2
  
  January 2010, No. 1
- Volume 6, 2009
  
  January 2009, No. 1
  
  April 2009, No. 2
  
  July 2009, No. 3
  
  October 2009, No. 4
  
  November 2009, No. 5
- Volume 5, 2008
  
  January 2008, No. 1
  
  April 2008, No.2
  
  July 2008, No. 3
  
  October 2008, No. 4
- Volume 4, 2007
  
  January 2007, No. 1
  
  April 2007, No. 2
  
  July 2007, No.3
  
  October 2007, No. 4
- Volume 3, 2006
  
  January 2006, No. 1
  
  April 2006, No. 2
  
  July 2006, No. 3
  
  October 2006, No. 4
- Volume 2, 2005
  
  January 2005, No. 1
  
  April 2005, No. 2
  
  July 2005, No. 3
  
  October 2005, No. 4
- Volume 1, 2003-2004
  
  July 2004, No. 2
  
  January 2004, No. 1
  
  July 2003, No. 0
About IAJIT
About CCIS
IAJIT Impact Factor

An Improved Process Supervision and Control Method for Malware Detection

Written by Ghadeer
Update: 30/06/2022

font size decrease font size increase font size
Print
Email
Rate this item
- 1
- 2
- 3
- 4
- 5
(0 votes)

An Improved Process Supervision and Control Method for Malware Detection

Behnam Shamshirsaz

Department of Electrical and Computer Engineering, Kharazmi University, Iran

This email address is being protected from spambots. You need JavaScript enabled to view it.

Seyyed Amir Asghari

Department of Electrical and Computer Engineering, Kharazmi University, Iran

This email address is being protected from spambots. You need JavaScript enabled to view it.

Mohammadreza Binesh Marvasti

Department of Electrical and Computer Engineering, Kharazmi University, Iran

This email address is being protected from spambots. You need JavaScript enabled to view it.

Abstract: Most modern-day malware detection methods and algorithms are based on prior knowledge of malware specifications. Discovering new malwares by solely relying on computer based automatic solutions with no human intervention currently appears out of reach. Many malwares never decode harmful parts of their code until the triggering of a specific event. Others detect virtual machine or sandbox environments and hide their true nature. Detecting these kinds of malwares-specifically multi evented ones-are nearly impossible for fully automatic detection methods. Previous research found that about 75% of malwares studied did not react in a fully automatic environment without user intervention thus being undetectable. This paper introduces a near automated solution to detect malwares quickly by relying on a supervision and control method based on user level capabilities of the operating system. Improving on previous methods, this research can replace the need for debugging new malwares in almost all aspects. This solution forces malwares in automated environments to activate and be discoverable. Researcher intervention during malware code execution along with the malware’s intent over calling sensitive operating system functions and parameters aid this process. Since operating system functions are virtualized malwares are incapable of physically harming the system during execution. The solution reached 98% overall accuracy in conjunction with reducing code size by 80% in comparison with similar techniques, improving simplicity and reliability.

Keywords: Mid-level code, malware detection, process supervision, microsoft windows, anti-virus, endpoint detection and response.

Received November 12, 2019; accepted February 9, 2021

https://doi.org/10.34028/iajit/19/4/9

Full text

Read 387 times

Published in July 2022, No. 4

Tagged under

Share

Ghadeer

Latest from Ghadeer

More in this category: « Deep Learning Shape Trajectories for Isolated Word Sign Language Recognition Software Project Duration Estimation Based on COSMIC Method Applied to Data Flow Diagram »