CONSTRUCTING POLYMORPHIC VIRUS ANALYSIS SYSTEM USING BEHAVIOR DETECTION APPROACH

Rafrastara, Fauzi Adi (2014) CONSTRUCTING POLYMORPHIC VIRUS ANALYSIS SYSTEM USING BEHAVIOR DETECTION APPROACH. Disertasi 2014.

Preview	Image (JPEG) - Published Version Download (796Kb) | Preview
Preview	PDF - Published Version Download (384Kb) | Preview
Preview	PDF - Published Version Download (244Kb) | Preview
Preview	PDF - Published Version Download (654Kb) | Preview
Preview	PDF - Published Version Download (94Kb) | Preview
Preview	PDF - Published Version Download (102Kb) | Preview

Abstract

The current antivirus product were only able to detect the existence of viruses, but it built not record the activity or behavior viruses. Inability if antivirus to record the viruses. behavior made difficult certain users who want to know the behaviour of viruses as well to know the category or classification of certain viruses. Actually, there were several architectures proposed, but they still could not answer the needs of those certain users who want to know the classification of virus that they test. In this project, we studied the current types of viruses as well as current virus monitoring and analysis system. This study came up with the problem that become basic of the research. Here, we proposed an architectured adn a system, which are able to monitor the viruses’ behavior and classify thoses viruses whether as a traditional or polymorphic virus. Preliminary research was conducted to get the current virus behaviors and to find out the certain parameters, which are usually used by viruses to attack the computer target. Finnaly, we applied “test bed environment” to test our system by releasing several viruses in a real environment, and attempt to capture their behaviors. These activities were followed by generating the conclusion that the tested or monitored virus is classified as a tradional or polymorpihic virus.

Actions (login required)