HookFinder: Identifying and Understanding Malware Hooking Behaviors

Category: Security

Tags: spyware, malware, unified

Overview

Installing various hooks into the victim system is an important attack strategy employed by malware, including spyware, rootkits, stealth backdoors, and others. To defeat existing hook detectors, malware writers keep exploring new hooking mechanisms. However, the current malware analysis procedure is painstaking, mostly manual, and error-prone. This paper proposes the first systematic approach for automatically identifying hooks and extracting hooking mechanisms. The paper proposes a unified approach, fine-grained impact analysis, to identify malware hooking behaviors. The approach does not rely on any prior knowledge of hooking mechanisms, and thus can identify novel hooking mechanisms.

Publisher: Carnegie Mellon University
File Format: PDF
Date Published: Oct 22, 2008
Format: White Papers
Topics: Spyware, Network Security, Security Management

Similar White Papers

Social Networking: Brave New World or Revolution from Hell? A look at the phenomenon of Social Networking and the implications for Businesses

According to recent surveys, employee social networking is growing rapidly, on hot sites such as Facebook, LinkedIn and

Publisher: MessageLabs, now part of Symantec  |  Tags: enterprise security, social networking

Sophos Email Security and Control - Free 30 Day Trial

Proactively block inbound and outbound threats with unrivaled effectiveness and simplicity, delivering high-capacity, hi

Publisher: Sophos

X-Force® Threat Insight Quarterly: Voice over Internet Protocol (VoIP) - Find out what the threats and challenges are for anyone deploying VoIP

The X-Force Threat Insight Quarterly (Threat IQ) highlights the most significant threats and challenges facing security

Publisher: Internet Security Systems  |  Tags: homeland security, security flaws, voip

Web Security SaaS: The Next Generation of Web Security

The Web is the new threat vector of choice for hackers and cybercriminals to distribute malware and perpetrate identity

Publisher: Webroot Software  |  Tags: hackers, idc, malware, saas

An independent report by ICSA Labs on the performance of ISS' VoIP-enabled Intrusion Prevention devices

This technical product evaluation is focused on the ISS VoIP-enabled Intrusion Prevention devices. These are built to su

Publisher: Internet Security Systems  |  Tags: voip

Carnegie Mellon University White Papers

Cyber Threats and the U.S. Economy

The Internet has proven to be an engine that is driving a revolution in the way individuals and organizations conduct bu

Publisher: Carnegie Mellon University  |  Tags: network, research and development

SEAD: Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks

An ad hoc network is a collection of wireless computers (nodes), communicating among themselves over possibly multihop p

Publisher: Carnegie Mellon University  |  Tags: cpu, infrastructure, network

Packet Leashes: A Defense Against Wormhole Attacks in Wireless Networks

As mobile ad hoc network applications are deployed, security emerges as a central requirement. This paper introduces the

Publisher: Carnegie Mellon University  |  Tags: applications, network, wireless networks, wireless security

Verification of RSTP Convergence and Scalability by Measurements and Simulations

As the Ethernet technology is growing out from the LAN environment, its restoration and scalability properties are getti

Publisher: Carnegie Mellon University  |  Tags: ethernet, network

Detecting DDoS Attacks on ISP Networks

Most past solutions for detecting denial of service attacks (and identifying the perpetrators) have targeted end-node vi

Publisher: Carnegie Mellon University  |  Tags: ddos, isp, isps, network, routers