Penetrating the Virus Monitoring and Analysis System Using Delayed Trigger Technique
Main Author: | |
---|---|
Format: | Conference or Workshop Item |
Language: | English |
Published: | 2010 |
Subjects: | |
Online Access: | http://eprints.utem.edu.my/id/eprint/6975/1/rp041_vol.2-Z224.pdf http://eprints.utem.edu.my/id/eprint/6975/ |
Summary: | Virus Monitoring and Analysis System (VMAS) is generally used for monitoring and capturing virus behavior, and it can produce a report analysis which can be used by expert users to learn virus activity. There are several tools which have this capability, such as Joebox, ThreatExpert, CWSandbox, and Sysinternals. It turns out that these tools are not fully perfect in analyzing virus behavior. Therefore, in this paper, we propose a technique to defeat such tools by exploiting the limitation of VMAS in terms of time monitoring, introducing a new virus exploiting technique called Delayed Trigger Technique (DTT). |
---|