Penetrating the Virus Monitoring and Analysis System Using Delayed Trigger Technique

Bibliographic Details
Main Author: Abdollah, M. F.
Format: Conference or Workshop Item
Language: English
Published: 2010
Online Access: http://eprints.utem.edu.my/id/eprint/6975/1/rp041_vol.2-Z224.pdf
http://eprints.utem.edu.my/id/eprint/6975/
Institution: Universiti Teknikal Malaysia Melaka
Description
Summary: A Virus Monitoring and Analysis System (VMAS) is generally used for monitoring and capturing virus behavior, and it can produce an analysis report that expert users can use to learn about virus activity. Several tools have this capability, such as Joebox, ThreatExpert, CWSandbox, and Sysinternals. It turns out that these tools are not perfect at analyzing virus behavior. Therefore, in this paper, we propose a technique to defeat such tools by exploiting the limitation of VMAS in terms of monitoring time, introducing a new virus exploitation technique called the Delayed Trigger Technique (DTT).