Skip to main content


Understanding Behavioural Detection Of AVs


Antivirus products nowadays almost always come bundled with some forms of proactive detection based on application behaviours. Many antivirus products in the market claim that they can detect and stop new and unknown threats with minimum use of traditional byte matching signatures. However, behavioural based detection is not the ultimate solution and can be circumvented. A few companies carry out independent tests to rate the capabilities of the antivirus to stop new and unknown threats.


However, these tests are not frequently updated and therefore cannot reflect the real daily situation as new threats are constantly being released into the wild.

In this project, we study the behavioural detection engines of the antivirus in both the 32-bit and 64-bit versions of Windows 7 by using specialised modules to identify the technologies that the antivirus are using to monitor application behaviours.

Our analysis revealed that the 64-bit versions of the antivirus are generally weaker than their 32-bit versions. To determine the effectiveness of the antivirus behavioural detection engines, we propose replaying the actions of applications from sandbox logs to the antivirus and observing the reaction of the antivirus.

Our experiments demonstrated that this approach can illustrate the capabilities of the antivirus behavioural detection engines and uncover the behavioural detection signatures of the antivirus at the same time.


File Type: PDF
File Size: 1.51 MB
Total Pages: 90

Direct Link Mega:
Download Now
Direct Link AnonFiles:
Download Now
Direct Link Mediafire:
Download Now
Direct Link Solidfiles:
Download Now
Direct Link Sabercathost:
Download Now
Direct Link Tusfiles:
Download Now

Labels:

Comments

Post a Comment

Popular posts from this blog

Web Hacking 101

With a Foreword written by HackerOne Co-Founders Michiel Prins and Jobert Abma, Web Hacking 101 is about the ethical exploration of software for security issues but learning to hack isn't always easy. With few exceptions, existing books are overly technical, only dedicate a single chapter to website vulnerabilities or don't include any real world examples. This book is different. Using publicly disclosed vulnerabilities, Web Hacking 101 explains common web vulnerabilities and will show you how to start finding vulnerabilities and collecting bounties.
Post a Comment
Read more

High Performance Cloud Auditing

This eBook mainly focuses on cloud security and high performance computing for cloud auditing. The eBook discusses emerging challenges and techniques developed for high performance semantic cloud auditing, and presents the state of the art in cloud auditing, computing and security techniques with focus on technical aspects and feasibility of auditing issues in federated cloud computing environments.
Post a Comment
Read more

Hack-X-Crypt (By Ujjwal Sahay)

This is basically a straight forward guide towards ethical hacking and cyber security.Computer hacking is the practice of altering computer hardware and software to carry out a goal outside of the creator‘s original intention. People who slot in computer hacking actions and activities are often entitled as hackers. The majority of people assume that hackers are computer criminals. They fall short to identify the fact that criminals and hackers are two entirely unrelated things.
Post a Comment
Read more