
Proceedings Paper

Proactive malware detection
Author(s): Jonathan Gloster; Michael Diep; David Dredden; Matthew Mix; Mark Olsen; Brian Price; Betty Steil

Paper Abstract

Small- to medium-sized businesses lack the resources to deploy and manage high-end solutions against sophisticated threats from well-funded adversaries, yet evidence shows that these businesses are becoming key targets. As malicious code and network attacks grow more sophisticated, classic signature-based virus and malware detection methods become less effective. To augment current malware detection methods, we developed a proactive approach to detecting emerging malware threats that uses open-source tools and intelligence to discover the patterns and behaviors of malicious attacks and adversaries. Technical and analytical skills are combined to track adversarial behavior, methods, and techniques.

We established a controlled, isolated network (a separate domain) to identify, monitor, and track malware behavior and to improve our understanding of the methods and techniques used by cyber adversaries. We created a suite of tools that observes network and system performance, looking for anomalies that may be caused by malware. The toolset collects information from open-source tools and provides meaningful indicators that the system is under, or has been, attacked. When malware was discovered, we analyzed and reverse-engineered it to determine how it could be detected and prevented. Results show that, with minimal resources, cost-effective capabilities can be developed to detect abnormal behavior that may indicate malicious software.
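The abstract describes a baseline-then-deviate approach (observe normal network and system behavior, then flag anomalies as indicators) without naming the tools or rules. The following is an added illustration of that style of detection, not the authors' toolset: it learns a per-host baseline from a constructed connection log and then reports three kinds of indicator over a later observation window. The log format (timestamp, source host, destination IP, destination port), the window size, the thresholds, and the host names are assumptions made for the example.

```python
"""Behavioural anomaly indicators over a constructed connection log.

Added example only; this is not the paper's toolset. The log tuples,
window size, thresholds and host names are assumptions for illustration.
"""
from collections import defaultdict
from statistics import mean, pstdev

WINDOW = 600  # seconds per counting window (assumed)

# Constructed "normal" traffic: (timestamp_s, src_host, dst_ip, dst_port).
# ws01 talks to a web server every 2 min and a file server every 10 min;
# ws02 talks to the web server every 3 min.
BASELINE = (
    [(t, "ws01", "10.0.0.5", 443) for t in range(0, 3600, 120)]
    + [(t + 37, "ws01", "10.0.0.9", 445) for t in range(0, 3600, 600)]
    + [(t, "ws02", "10.0.0.5", 443) for t in range(0, 3600, 180)]
)

# Constructed observation window: ws01 keeps its (slightly jittered) normal
# traffic but also beacons to an external host exactly every 60 s on a port
# never seen before, and sweeps 40 internal hosts on 445 within one window.
OBSERVED = (
    [(t + (t // 120) % 17, "ws01", "10.0.0.5", 443) for t in range(3600, 7200, 120)]
    + [(t, "ws01", "203.0.113.7", 8443) for t in range(3600, 7200, 60)]
    + [(4000 + i, "ws01", f"10.0.1.{i}", 445) for i in range(1, 41)]
    + [(t, "ws02", "10.0.0.5", 443) for t in range(3600, 7200, 180)]
)


def _windows(records):
    """Group records into {(host, window_index): set of distinct dst_ip}."""
    fan = defaultdict(set)
    for ts, host, ip, _port in records:
        fan[(host, ts // WINDOW)].add(ip)
    return fan


def build_baseline(records):
    """Learn what is normal per host: ports used, (ip, port) pairs contacted,
    and mean/stddev of distinct destinations per window (stddev floored at 1
    so a perfectly regular baseline does not produce infinite z-scores)."""
    ports, dests, counts = defaultdict(set), defaultdict(set), defaultdict(list)
    for _ts, host, ip, port in records:
        ports[host].add(port)
        dests[host].add((ip, port))
    for (host, _w), ips in _windows(records).items():
        counts[host].append(len(ips))
    fanout = {h: (mean(c), max(pstdev(c), 1.0)) for h, c in counts.items()}
    return {"ports": ports, "dests": dests, "fanout": fanout}


def detect(records, baseline):
    """Return (kind, host, detail) indicators for deviations from baseline."""
    indicators = []
    # 1. A destination port this host has never used before.
    reported = set()
    for _ts, host, ip, port in records:
        if port not in baseline["ports"].get(host, set()) and (host, port) not in reported:
            reported.add((host, port))
            indicators.append(("new_port", host, f"{ip}:{port}"))
    # 2. Fan-out: far more distinct destinations in a window than usual (z > 3).
    for (host, w), ips in sorted(_windows(records).items()):
        mu, sd = baseline["fanout"].get(host, (0.0, 1.0))
        z = (len(ips) - mu) / sd
        if z > 3:
            indicators.append(("fanout", host, f"window={w} distinct={len(ips)} z={z:.1f}"))
    # 3. Beaconing: repeated, low-jitter connections to a destination not in baseline.
    by_dest = defaultdict(list)
    for ts, host, ip, port in records:
        by_dest[(host, ip, port)].append(ts)
    for (host, ip, port), tss in by_dest.items():
        if len(tss) < 6 or (ip, port) in baseline["dests"].get(host, set()):
            continue
        tss.sort()
        gaps = [b - a for a, b in zip(tss, tss[1:])]
        if mean(gaps) > 0 and pstdev(gaps) / mean(gaps) < 0.1:
            indicators.append(("beacon", host, f"{ip}:{port} period~{mean(gaps):.0f}s"))
    return indicators


if __name__ == "__main__":
    for kind, host, detail in detect(OBSERVED, build_baseline(BASELINE)):
        print(f"{kind:9s} {host:5s} {detail}")
```

Each rule is deliberately cheap and free of signatures: the new-port and beacon checks need only a set lookup and a few timestamps per destination, and the fan-out check needs one mean and standard deviation per host. On the constructed data all three indicators fire for ws01 and none for ws02, which is the desired outcome; on real traffic the thresholds, window size, and the minimum beacon count are the knobs to tune against false positives from legitimate periodic traffic such as update checks.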

Paper Details

Date Published: 18 June 2014
PDF: 13 pages
Proc. SPIE 9097, Cyber Sensing 2014, 909704 (18 June 2014); doi: 10.1117/12.2050215
Author Affiliations
Jonathan Gloster, The Van Dyke Technology Group, Inc. (United States)
Michael Diep, The Van Dyke Technology Group, Inc. (United States)
David Dredden, The Van Dyke Technology Group, Inc. (United States)
Matthew Mix, The Van Dyke Technology Group, Inc. (United States)
Mark Olsen, The Van Dyke Technology Group, Inc. (United States)
Brian Price, The Van Dyke Technology Group, Inc. (United States)
Betty Steil, The Van Dyke Technology Group, Inc. (United States)

Published in SPIE Proceedings Vol. 9097:
Cyber Sensing 2014
Igor V. Ternovskiy; Peter Chin, Editor(s)

© SPIE.