Malware dynamic analysis evasion techniques: A survey

A Afianian, S Niksefat, B Sadeghiyan… - ACM Computing Surveys …, 2019 - dl.acm.org
The cyber world is plagued with ever-evolving malware that readily infiltrate all defense
mechanisms, operate viciously unbeknownst to the user, and surreptitiously exfiltrate …

Detecting environment-sensitive malware

M Lindorfer, C Kolbitsch… - Recent Advances in …, 2011 - Springer
The execution of malware in an instrumented sandbox is a widespread approach for the
analysis of malicious code, largely because it sidesteps the difficulties involved in the static …

BareCloud: Bare-metal analysis-based evasive malware detection

D Kirat, G Vigna, C Kruegel - 23rd USENIX Security Symposium …, 2014 - usenix.org
The volume and the sophistication of malware are continuously increasing and evolving.
Automated dynamic malware analysis is a widely-adopted approach for detecting malicious …

A survey on automated dynamic malware analysis evasion and counter-evasion: PC, mobile, and web

A Bulazel, B Yener - Proceedings of the 1st Reversing and Offensive …, 2017 - dl.acm.org
Automated dynamic malware analysis systems are important in combating the proliferation
of modern malware. Unfortunately, malware can often easily detect and evade these …

Sandprint: Fingerprinting malware sandboxes to provide intelligence for sandbox evasion

A Yokoyama, K Ishii, R Tanabe, Y Papa… - Research in Attacks …, 2016 - Springer
To cope with the ever-increasing volume of malware samples, automated program analysis
techniques are inevitable. Malware sandboxes in particular have become the de facto …

Baredroid: Large-scale analysis of android apps on real devices

S Mutti, Y Fratantonio, A Bianchi, L Invernizzi… - Proceedings of the 31st …, 2015 - dl.acm.org
To protect Android users, researchers have been analyzing unknown, potentially-malicious
applications by using systems based on emulators, such as the Google's Bouncer and …

PhishPrint: Evading phishing detection crawlers by prior profiling

B Acharya, P Vadrevu - 30th USENIX Security Symposium (USENIX …, 2021 - usenix.org
Security companies often use web crawlers to detect phishing and other social engineering
attack websites. We built a novel, scalable, low-cost framework named PhishPrint to enable …

AVLeak: fingerprinting antivirus emulators through Black-Box testing

J Blackthorne, A Bulazel, A Fasano, P Biernat… - 10th USENIX Workshop …, 2016 - usenix.org
To fight the ever-increasing proliferation of novel malware, antivirus (AV) vendors have
turned to emulation-based automated dynamic malware analysis. Malware authors have …

Evasive malware via identifier implanting

R Tanabe, W Ueno, K Ishii, K Yoshioka… - Detection of Intrusions …, 2018 - Springer
To cope with the increasing number of malware attacks that organizations face,
anti-malware appliances and sandboxes have become an integral security defense. In particular …

Partial Outsourcing of Malware Dynamic Analysis Without Disclosing File Contents

K Hamajima, D Kotani, Y Okabe - 2023 IEEE 47th Annual …, 2023 - ieeexplore.ieee.org
Dynamic analysis is one of the methods to analyze malware. However, if the file to be
analyzed contains confidential information, disclosing it to the analyst outside the …