2014 Second International Symposium on Computing and Networking (CANDAR) (2014)
Dec. 10, 2014 to Dec. 12, 2014
Malware has received much attention in recent years. Antivirus software is widely used as a countermeasure against malware. However, some kinds of malware can evade detection by antivirus software, hence, a new detection method is required. In this paper, we propose a malware detection method that focuses on Anti-Debugging functions. An Anti-Debugging function is a method that prevents malware analysts from analyzing an application program (AP). The function can form part of benign as well as malicious APs. Our method focuses on a behavioral difference between benign and malicious APs and detects malware by comparing the two behavioral patterns. Evaluation results with malware confirmed our method to be capable of successfully detecting malware.
Malware, Detectors, Software, Debugging, Internet, Focusing, Educational institutions
K. Yoshizaki and T. Yamauchi, "Malware Detection Method Focusing on Anti-debugging Functions," 2014 Second International Symposium on Computing and Networking (CANDAR), Shizuoka, Japan, 2014, pp. 563-566.