Analyzing Common Malware Techniques: A Detailed Report
Added on 2020/04/15
This report focuses on various malware techniques employed by developers to evade analysis and detection. It discusses four key techniques: environment awareness, where malware detects the runtime environment; confusing automated tools to bypass signature-based software; time-based invasion, using triggers like user actions; and obfuscating internal data to make code analysis difficult. The report highlights the evolving sophistication of malware and the ongoing efforts of security researchers to develop new methods for detection and analysis, including the use of fingerprint analysis. It emphasizes the continuous challenge for information security professionals to stay ahead of malware developers and the importance of adapting anti-detection techniques.

Running head: BUSINESS CONTINUITY AND DISASTER RECOVERY PLAN
BUSINESS CONTINUITY AND DISASTER RECOVERY PLAN
Name of the Student
Name of the University
Authors Note:

Table of Contents
Introduction
Discussion
Conclusion
References
Introduction
Techniques used by malware developers include environment awareness, confusing
automated tools, time-based invasion, and obfuscation of internal data. Security
developers around the globe are coming up with new methods and techniques that can
easily tackle the threats related to these techniques.
Discussion
The four most common techniques that malware developers use to keep their code from
being analyzed are environment awareness, confusing automated tools, time-based invasion,
and obfuscation of internal data (Rastogi, Chen & Jiang, 2013). Environment awareness means
detecting the runtime environment of the system that is to be infected. This behavior allows
the malware to tell the difference between a virtualized and a real environment. Many
researchers use the Carbanak malware as an example: it checks for a virtual sandbox before
executing properly. The second technique is confusing automated tools, which keeps the
malware from being easily detected by technologies such as signature-based antivirus
software (Truong, 2014). Security researchers respond by analyzing the difference in working
performance between virtual and real environments. Time-based invasion is the third most
common technique. Malware generally uses this type of code to run at particular times or in
response to actions taken by the user (Rastogi, Chen & Jiang, 2014). This method includes
the opening of a window that follows an initial action taken by the user. Black POS malware
is the most devastating type of malware still known. This type of code ensures that the code
runs every time Windows starts up. The fourth technique used by malware developers is
obfuscating internal data. This technique is used by
malware to run code that cannot be easily detected by a proper check of the
system. API names are replaced with hashed values, tables are used for certain
processes, and the C&C server is contacted on port 443, which encrypts the traffic. All
these modifications make it difficult for the system to analyze the malicious nature of ROM.
In today’s world malware is becoming a more sophisticated tool because of its behavior
(Marpaung, Sain & Lee, 2012). Various security researchers and analysts are focusing on
fingerprint analysis, which is useful for detecting malware. In the end, this malicious
software challenges information security professionals, reminding them that the battle is
not over. Malware keeps advancing when it comes to anti-detection. On the other hand,
security bodies are using these techniques to come up with new methods to tackle this
malicious software.
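The API-name hashing described above is usually undone by hashing a list of candidate API names and looking the observed values up in the resulting table. The sketch below is an added example, not part of the original report; the three hash functions, the candidate list and the observed values are assumptions constructed for illustration, because the report does not name the algorithm used.

```python
import zlib

MASK = 0xFFFFFFFF

def ror13_add(name: str) -> int:
    h = 0
    for ch in name.encode():
        h = ((h >> 13) | (h << 19)) & MASK  # rotate right by 13 bits
        h = (h + ch) & MASK
    return h

def djb2(name: str) -> int:
    h = 5381
    for ch in name.encode():
        h = (h * 33 + ch) & MASK
    return h

def crc32(name: str) -> int:
    return zlib.crc32(name.encode()) & MASK

# Assumed set of hash functions an analyst might try; not taken from the report.
ALGORITHMS = {"ror13_add": ror13_add, "djb2": djb2, "crc32": crc32}

# Constructed candidate list; in practice this comes from DLL export tables.
CANDIDATES = ["CreateFileA", "WriteFile", "VirtualAlloc", "LoadLibraryA",
              "GetProcAddress", "InternetOpenA", "RegSetValueExA"]

def build_table(hash_fn, names):
    table = {}
    for n in names:
        table.setdefault(hash_fn(n), []).append(n)  # keep collisions visible
    return table

def resolve(observed, names=CANDIDATES):
    """Return (best_algorithm, {hash: [matching names]}) for observed values."""
    best = (None, {}, -1)
    for alg, fn in ALGORITHMS.items():
        table = build_table(fn, names)
        mapping = {h: table.get(h, []) for h in observed}
        hits = sum(1 for v in mapping.values() if v)
        if hits > best[2]:
            best = (alg, mapping, hits)
    return best[0], best[1]

# Constructed sample: 32-bit values as they might be pulled from a binary.
OBSERVED = [djb2("VirtualAlloc"), djb2("InternetOpenA"), 0x00000001]

if __name__ == "__main__":
    alg, mapping = resolve(OBSERVED)
    print("likely algorithm:", alg)
    for h, names in mapping.items():
        print(f"  0x{h:08x} -> {names or 'unresolved'}")
```

Values that stay unresolved under every algorithm tell the analyst that either the candidate list or the set of hash functions needs to be extended.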
Conclusion
From the above discussion it can be concluded that this report focuses on the
techniques and methods that malware developers use to prevent their code from being
analyzed. Four techniques have been discussed in detail: environment awareness, confusing
automated tools, time-based invasion, and obfuscation of internal data.
References
Marpaung, J. A., Sain, M., & Lee, H. J. (2012, February). Survey on malware evasion
techniques: State of the art and challenges. In Advanced Communication Technology
(ICACT), 2012 14th International Conference on (pp. 744-749). IEEE.
Rastogi, V., Chen, Y., & Jiang, X. (2013, May). Droidchameleon: evaluating android anti-
malware against transformation attacks. In Proceedings of the 8th ACM SIGSAC
symposium on Information, computer and communications security (pp. 329-334). ACM.
Rastogi, V., Chen, Y., & Jiang, X. (2014). Catch me if you can: Evaluating android anti-malware
against transformation attacks. IEEE Transactions on Information Forensics and
Security, 9(1), 99-108.
Truong, H. T. T., Lagerspetz, E., Nurmi, P., Oliner, A. J., Tarkoma, S., Asokan, N., &
Bhattacharya, S. (2014, April). The company you keep: Mobile malware infection rates
and inexpensive risk indicators. In Proceedings of the 23rd international conference on
World wide web (pp. 39-50). ACM.