Skip to main content


Exploiting an Antivirus Interface


Traditional signature-based malware detectors identify malware by scanning untrusted binaries for distinguishing byte sequences or features. Features unique to malware are maintained in a signature database, which must be continually updated as new malware is discovered and analyzed. Signature-based malware detection generally enforces a static approximation of some desired dynamic (i.e., behavioral) security policy.


For example, access control policies, such as those that prohibit code injections into operating system executables, are statically undecidable and can therefore only be approximated by any purely static decision procedure such as signature-matching.

A signature-based malware-detector approximates these policies by identifying syntactic features that tend to appear only in binaries that exhibit policy-violating behavior when  executed.   

This  approximation  is  both  unsound  and  incomplete  in  that it is susceptible to both false positive and false negative classifications of some binaries.   

For  this  reason  signature  databases  are  typically  kept  confidential,since they contain information that an attacker could use to craft malware that he detector would mis-classify as benign, defeating the protection system.  The effectiveness  of  signature-based  malware  detection  thus  depends  on  both  the comprehensiveness and confidentiality of the signature database.


File Type: PDF
File Size: 166 KB
Total Pages: 18

Direct Link Mega:
Download Now
Direct Link AnonFiles:
Download Now
Direct Link Mediafire:
Download Now
Direct Link Solidfiles:
Download Now
Direct Link Sabercathost:
Download Now
Direct Link Tusfiles:
Download Now

Labels:

Comments

Post a Comment

Popular posts from this blog

Web Hacking 101

With a Foreword written by HackerOne Co-Founders Michiel Prins and Jobert Abma, Web Hacking 101 is about the ethical exploration of software for security issues but learning to hack isn't always easy. With few exceptions, existing books are overly technical, only dedicate a single chapter to website vulnerabilities or don't include any real world examples. This book is different. Using publicly disclosed vulnerabilities, Web Hacking 101 explains common web vulnerabilities and will show you how to start finding vulnerabilities and collecting bounties.
Post a Comment
Read more

High Performance Cloud Auditing

This eBook mainly focuses on cloud security and high performance computing for cloud auditing. The eBook discusses emerging challenges and techniques developed for high performance semantic cloud auditing, and presents the state of the art in cloud auditing, computing and security techniques with focus on technical aspects and feasibility of auditing issues in federated cloud computing environments.
Post a Comment
Read more

Hack-X-Crypt (By Ujjwal Sahay)

This is basically a straight forward guide towards ethical hacking and cyber security.Computer hacking is the practice of altering computer hardware and software to carry out a goal outside of the creator‘s original intention. People who slot in computer hacking actions and activities are often entitled as hackers. The majority of people assume that hackers are computer criminals. They fall short to identify the fact that criminals and hackers are two entirely unrelated things.
Post a Comment
Read more