Author: Jana St'astná
Published in: 2019 Federated Conference on Computer Science and Information Systems (FedCSIS)
Publication date: 2019-09-26
DOI: 10.15439/2019F244 (https://doi.org/10.15439/2019F244)
Malicious and Harmless Software in the Domain of System Utilities
The focus of malware research is often directed at the behaviour and features of malicious samples that stand out the most. However, our previous research led us to see that some features typical of malware may occur in harmless software as well. That finding guided us to direct more attention towards harmless samples and more detailed comparisons of the properties of malware and harmless software. To eliminate variables that may influence the results, we narrowed down our research study to a specific software domain: system maintenance and utility tools. We analysed 100 malicious and 100 harmless samples from this domain and statistically evaluated how they differ regarding packing, program sections and their entropies, and the amount of code outside common sections, and we also looked at differences in behaviour from a high-level view.