
Data-Centric OS Kernel Malware Characterization

Traditional malware detection and analysis approaches have been focusing on code-centric aspects of malicious programs, such as detection of the injection of malicious code or matching malicious code sequences. However, modern malware has been employing advanced strategies, such as reusing legitimate code or obfuscating malware code to circumvent the detection. As a new perspective to complement code-centric approaches, we propose a data-centric OS kernel malware characterization architecture that detects and characterizes malware attacks based on the properties of data objects manipulated during the attacks.

kaashivit

Presentation Transcript


  1. Hybrid Malware Detect Memory Mapper in Kernel Centric VM Based Green Computing World. IEEE Transactions on Information Forensics and Security, Vol. 9, No. 1, January 2014: "Data-Centric OS Kernel Malware Characterization"

  2. A Software/Manufacturing Research Company Run By Microsoft Most Valuable Professional • VenkatesanPrabu.J, MANAGING DIRECTOR: Microsoft Web Developer Advisory Council team member and a well-known Microsoft Most Valuable Professional (MVP) for the years 2008, 2009, 2010, 2011, 2012, 2013, 2014. • LakshmiNarayanan.J, GENERAL MANAGER: BlackBerry Server Admin. Oracle 10g SQL Expert. • Arunachalam.J, Electronic Architect, Human Resource Manager

  3. Abstract • Traditional malware detection and analysis approaches have been focusing on code-centric aspects of malicious programs, such as detection of the injection of malicious code or matching malicious code sequences. However, modern malware has been employing advanced strategies, such as reusing legitimate code or obfuscating malware code to circumvent the detection. • As a new perspective to complement code-centric approaches, we propose a data-centric OS kernel malware characterization architecture that detects and characterizes malware attacks based on the properties of data objects manipulated during the attacks. • This framework consists of two system components with novel features: First, a runtime kernel object mapping system which has an un-tampered view of kernel data objects resistant to manipulation by malware. • This view is effective at detecting a class of malware that hides dynamic data objects. Second, this framework consists of a new kernel malware detection approach that generates malware signatures based on the data access patterns specific to malware attacks.

  4. Existing System • The existing approach is directed at memory performance checks, memory management leaks and interoperability between managed code (newer Microsoft languages such as C#) and unmanaged code (older Microsoft languages such as VC++). • System calls made through Windows-level coding invoke malware specifications that are matched against the suspicious system calls arising from existing malicious activity in the virtual operating system. • Memory mapping and leaks lead to memory leakage in the virtual machine, which leads to files being handled with improper use of application calls to kernel-mode services. • Irregular memory wastage and improper properties of exe files while accessing the VM access program are considered to be some of the drawbacks of the existing approach.

  5. Proposed System • In our proposed approach, malware in the virtual machine is detected and then monitored with the help of a malware detector. • Monitoring application execution involves • Memory Management Leaks • Memory Performance Checks • Unmanaged Code execution • Listing the malware and fixing it through testing analysis with a scanner such as Malwarebytes Anti-Malware (MBAM) is part of our proposed analysis. • Dynamic detection of malware activity in the virtual environment detects vulnerable activity in the kernel, supported by proof carried out over the injected malware code and the memory leakage mechanism.

  6. System Requirements • Hardware Requirements: Platform: DOTNET (VS2010), ASP.NET; Dot net framework 4.0; Database: SQL Server 2008 R2 • Software Requirements: Processor: Core 2 Duo; Speed: 2.2 GHz; RAM: 2 GB; Hard Disk: 160 GB

  7. Architecture Diagram

  8. Records Breaks: Asia Book Of Records, Tamil Nadu Of Records, India Of Records, MVP Awards, World Record

  9. Services: A Software/Manufacturing Research Company Run By Microsoft Most Valuable Professional. Inplant Training, Internship, Workshops, Final Year Projects, Industrial Visit. Contact Us: +91 98406 78906, +91 90037 18877, kaashiv.info@gmail.com, www.kaashivinfotech.com. Shivanantha Building (Second building to Ayyappan Temple), X41, 5th Floor, 2nd Avenue, Anna Nagar, Chennai-40.
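
An added illustration (not from the slides or the cited paper) of the cross-view idea behind slide 3's "un-tampered view" of kernel data objects: a live-object map rebuilt from allocator events recorded outside the guest is compared with the list the guest itself exposes. The event format, addresses, type names and the unlinked task are constructed assumptions.

```python
# Added example: event format, addresses and type names are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class KObject:
    addr: int
    size: int
    ktype: str

def build_object_map(events):
    """Replay allocator events captured outside the guest into a live-object map."""
    live = {}
    for op, addr, size, ktype in events:
        if op == "alloc":
            live[addr] = KObject(addr, size, ktype)
        elif op == "free":
            live.pop(addr, None)  # freed objects must not be reported as hidden
    return live

def walk_guest_list(head, next_ptr):
    """Follow the guest's own circular list, as an in-guest tool would see it."""
    seen, cur = set(), head
    while cur is not None and cur not in seen:
        seen.add(cur)
        cur = next_ptr.get(cur)  # stop on a dangling pointer instead of crashing
    return seen

def hidden_objects(live, guest_view, ktype):
    """Objects the external map says are live but the guest list omits."""
    return sorted(o.addr for o in live.values()
                  if o.ktype == ktype and o.addr not in guest_view)

# Constructed trace: four task objects and one cred object; one task is freed.
EVENTS = [
    ("alloc", 0xC1000000, 1024, "task"),
    ("alloc", 0xC1000400, 1024, "task"),
    ("alloc", 0xC2000000, 64, "cred"),
    ("alloc", 0xC1000800, 1024, "task"),
    ("alloc", 0xC1000C00, 1024, "task"),
    ("free", 0xC1000C00, 0, None),
]
# Constructed guest memory: the task at 0xC1000400 has been unlinked from the list.
NEXT = {0xC1000000: 0xC1000800, 0xC1000800: 0xC1000000, 0xC1000400: 0xC1000800}

def demo():
    live = build_object_map(EVENTS)
    view = walk_guest_list(0xC1000000, NEXT)
    return hidden_objects(live, view, "task")

if __name__ == "__main__":
    print([hex(a) for a in demo()])
```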
