L. Caviglione, Martin Grabowski, Kai Gutberlet, A. Marzecki, M. Zuppelli, A. Schaffhauser, W. Mazurczyk
{"title":"Detection of Malicious Images in Production-Quality Scenarios with the SIMARGL Toolkit","authors":"L. Caviglione, Martin Grabowski, Kai Gutberlet, A. Marzecki, M. Zuppelli, A. Schaffhauser, W. Mazurczyk","doi":"10.1145/3538969.3544469","DOIUrl":null,"url":null,"abstract":"An increasing trend exploits steganography to conceal payloads in digital images, e.g., to drop malicious executables or to retrieve configuration files. Due to the very attack-specific nature of the exploited hiding mechanisms, developing general detection methods is a hard task. An effective approach concerns the creation of ad-hoc solutions to be integrated within general toolkits, also to holistically face unknown threats. Therefore, this paper discusses the integration of a tool for detecting malicious contents hidden in digital images via the Invoke-PSImage technique within the Secure Intelligent Methods for Advanced Recognition of Malware and Stegomalware framework. Since the real impact of images embedding steganographic threats and the behavior of ad-hoc solutions in realistic scenarios are still unknown territories, this work also showcases a performance evaluation conducted in a nation-wide telecommunication provider. Results demonstrated the effectiveness of the approach and also support the need of modular architectures to face the emerging wave of highly-specialized threats.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 17th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3538969.3544469","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
An increasing trend exploits steganography to conceal payloads in digital images, e.g., to drop malicious executables or to retrieve configuration files. Due to the very attack-specific nature of the exploited hiding mechanisms, developing general detection methods is a hard task. An effective approach concerns the creation of ad-hoc solutions to be integrated within general toolkits, also to holistically face unknown threats. Therefore, this paper discusses the integration of a tool for detecting malicious contents hidden in digital images via the Invoke-PSImage technique within the Secure Intelligent Methods for Advanced Recognition of Malware and Stegomalware framework. Since the real impact of images embedding steganographic threats and the behavior of ad-hoc solutions in realistic scenarios are still unknown territories, this work also showcases a performance evaluation conducted in a nation-wide telecommunication provider. Results demonstrated the effectiveness of the approach and also support the need of modular architectures to face the emerging wave of highly-specialized threats.