Reverse Engineering Malicious Applications

Authors

  • Ioan Cristian Iacob IT&C Security Master Department of Economic Informatics and Cybernetics The Bucharest University of Economic Studies

Keywords:

Reverse Engineering, Applications, Malicious, Security, Malware

Abstract

Detecting new and unknown malware is a major challenge for today's software security profession. Many approaches to malware detection based on data mining techniques have already been proposed, and the majority of them rely on static features of the malware. Static detection methods, however, fall short when faced with present-day complex malware. Although some researchers have proposed dynamic detection methods, those methods did not make use of all of the malware's features. In this work, an approach for the detection of new and unknown malware is proposed and implemented. Each sample was reverse engineered in order to analyze its effect on the operating environment and to extract both its static and its behavioral features.
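The abstract refers to static features extracted from each reverse-engineered sample. The following is an added example, written for this page and not taken from the paper, of the kind of static feature extraction a triage pipeline performs before any dynamic analysis: it parses a PE image's section table with the standard library only, computes per-section Shannon entropy, and flags packer-style section names and writable-plus-executable sections. The packer name list and the 7.0 bits/byte threshold are conventional heuristics chosen for this example, and the two PE images are constructed inline (they are not real malware and do not run).

```python
"""Static feature extraction from a PE image (added example, stdlib only).

Parses the DOS and NT headers and the section table, computes per-section
Shannon entropy, and derives a few static indicators commonly used in
malware triage: high-entropy sections, packer-style section names and
sections that are both writable and executable. The sample images are
constructed inline for this example; they are not real malware.
"""
import hashlib
import math
import struct
from collections import Counter

IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

# Section names left behind by common packers (UPX, ASPack, Petite, MPRESS); heuristic list.
PACKER_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", ".aspack", ".petite", ".MPRESS1"}
HIGH_ENTROPY_THRESHOLD = 7.0  # bits/byte; compressed or encrypted data sits near 8.0


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for empty or constant data, close to 8.0 for random data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_sections(pe: bytes):
    """Yield (name, raw_bytes, characteristics) for every IMAGE_SECTION_HEADER."""
    if pe[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                        # IMAGE_FILE_HEADER, 20 bytes
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    size_opt_hdr = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + size_opt_hdr           # section table follows the optional header
    for i in range(num_sections):
        off = table + i * 40                   # each section header is 40 bytes
        name, _vsize, _va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", pe, off)
        characteristics = struct.unpack_from("<I", pe, off + 36)[0]
        yield (name.rstrip(b"\0").decode("ascii", "replace"),
               pe[raw_ptr:raw_ptr + raw_size], characteristics)


def static_features(pe: bytes) -> dict:
    """Summarise section-level static features of a PE image."""
    feats = {"sections": {}, "high_entropy_sections": 0,
             "packer_section_names": 0, "wx_sections": 0}
    for name, data, chars in parse_sections(pe):
        entropy = shannon_entropy(data)
        feats["sections"][name] = round(entropy, 2)
        if entropy > HIGH_ENTROPY_THRESHOLD:
            feats["high_entropy_sections"] += 1
        if name in PACKER_SECTION_NAMES:
            feats["packer_section_names"] += 1
        if chars & IMAGE_SCN_MEM_WRITE and chars & IMAGE_SCN_MEM_EXECUTE:
            feats["wx_sections"] += 1      # self-modifying / unpacking stub indicator
    feats["likely_packed"] = bool(feats["high_entropy_sections"] or feats["packer_section_names"])
    return feats


def build_sample_pe(sections) -> bytes:
    """Assemble a minimal, non-runnable PE image from (name, data, characteristics) tuples.

    Constructed test data for this example only: no optional header, 512-byte file alignment.
    """
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)     # e_lfanew: NT headers start at 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0x0102)
    header_len = 0x40 + 4 + 20 + 40 * len(sections)
    raw_ptr = (header_len + 0x1FF) & ~0x1FF
    table, bodies = b"", b""
    for name, data, chars in sections:
        raw_size = (len(data) + 0x1FF) & ~0x1FF
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                             len(data), 0x1000, raw_size, raw_ptr, 0, 0, 0, 0, chars)
        bodies += data.ljust(raw_size, b"\0")
        raw_ptr += raw_size
    header = bytes(dos) + b"PE\0\0" + coff + table
    return header.ljust((header_len + 0x1FF) & ~0x1FF, b"\0") + bodies


# Deterministic pseudo-random bytes standing in for a packed or encrypted payload (constructed).
_RANDOMISH = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))  # 4096 bytes
_TEXT_LIKE = b"The quick brown fox jumps over the lazy dog. " * 40             # low entropy

PACKED_SAMPLE = build_sample_pe([
    (".text", _TEXT_LIKE, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    ("UPX1", _RANDOMISH, IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".data", bytes(512), IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
])
CLEAN_SAMPLE = build_sample_pe([
    (".text", _TEXT_LIKE, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (".data", bytes(512), IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
])

if __name__ == "__main__":
    for label, image in (("packed", PACKED_SAMPLE), ("clean", CLEAN_SAMPLE)):
        print(label, static_features(image))
```

Entropy is measured over the raw on-disk bytes of each section, padding included, which is what a scanner sees; a section whose bytes are near 8.0 bits/byte holds compressed or encrypted data, so the unpacked code has to be recovered dynamically (or by unpacking) before the behavioral features the abstract mentions can be observed.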

Published

2015-06-30

How to Cite

Iacob, I. C. (2015). Reverse Engineering Malicious Applications. Journal of Mobile, Embedded and Distributed Systems, 7(2), 65-86. Retrieved from http://jmeds.eu/index.php/jmeds/article/view/Reverse_Engineering_Malicious_Applications