{"title":"Detecting forensically relevant information from PE executables","authors":"Shany Jophin, Meera Vijayan, S. Dija","doi":"10.1109/ICRTIT.2013.6844216","DOIUrl":null,"url":null,"PeriodicalId":113531,"journal":{"name":"2013 International Conference on Recent Trends in Information Technology (ICRTIT)","volume":"284 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Recent Trends in Information Technology (ICRTIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICRTIT.2013.6844216","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Detecting forensically relevant information from PE executables
Cyber forensics analysis is the procedure of finding crucial evidence of a crime on digital media. Malware forensics and network security play a crucial role in the current scenario, where malware attacks are a common problem. Malicious software, commonly termed malware, interrupts computer operation and may collect necessary information or illegally access private systems. Malware may take the form of a script, code, spyware, or many other kinds of malicious program. Reverse engineering principles are applied in this domain to analyze malware; reverse engineering is the comprehensive process of breaking software down to figure out how it works. This paper proposes an advanced and resource-friendly malware forensics analysis procedure that uses the principles of static analysis to figure out the exact purpose of an executable file. The Portable Executable format can be explored with higher accuracy using the proposed method.