SCARECROW: scalable malware reporting, detection and analysis

Malware is the main computer security threat that can cause damage to users' devices and companies' infrastructure. End users who want to download executable files from the Internet are currently presented with a binary choice (OK or Cancel) but there is no viable third alternative for uncert...

Bibliographic Details
Main Authors: Barakat, Osamah Lutf Hamood, Hashim, Shaiful Jahari, Raja Abdullah, Raja Syamsul Azmir, Ramli, Abdul Rahman, Hashim, Fazirulhisyam, Samsudin, Khairulmizam, Al-Baltah, Ibrahim Ahmed, Al-Habshi, Mohamed Mustafa
Format: Article
Language: English
Published: Advanced Institute of Convergence Information Technology 2013
Online Access: http://psasir.upm.edu.my/id/eprint/28638/1/28638.pdf
id oai:psasir.upm.edu.my:28638
record_format eprints
record_url http://psasir.upm.edu.my/id/eprint/28638/
citation Barakat, Osamah Lutf Hamood and Hashim, Shaiful Jahari and Raja Abdullah, Raja Syamsul Azmir and Ramli, Abdul Rahman and Hashim, Fazirulhisyam and Samsudin, Khairulmizam and Al-Baltah, Ibrahim Ahmed and Al-Habshi, Mohamed Mustafa (2013) SCARECROW: scalable malware reporting, detection and analysis. Journal of Convergence Information Technology, 8 (14). pp. 1-12. ISSN 1975-9320; ESSN: 2233-9299 (PeerReviewed, application/pdf, en) http://www.globalcis.org/dl/citation.html?id=JCIT-4024
institution UPM IR
collection UPM IR
language English
description Malware is the main computer security threat that can cause damage to users' devices and companies' infrastructure. End users who want to download executable files from the Internet are currently presented with a binary choice (OK or Cancel) but there is no viable third alternative for uncertainty (Not Sure). Reporting to any security agency or company for a status inquiry regarding executable files normally lacks efficiency in terms of reporting back to the users in a timely manner. As a consequence, developing a more efficient approach that provides a prompt response to the users on reported suspicious files is important in order to encourage more end-user engagement in malware reporting, thus ultimately reducing the number of unknown malware in the wild. This study proposes a new automatic and scalable malware analyzer that is able to quickly scrutinize and help generate a report for each malware detected. The implementation of the approach includes both the client (user's system) and the backend processing (security agency). The client side provides a user-friendly and integrated reporting mechanism. The backend is based on both static and dynamic analysis for comprehensive malware detection and profiling. The backend utilizes cloud computing infrastructure to scale, speed up and automate the overall analysis and feedback processes. The system provides a win-win situation for both end user and security agency by providing a sustainable and successful symbiotic anti-malware ecosystem.
format Article
author Barakat, Osamah Lutf Hamood
Hashim, Shaiful Jahari
Raja Abdullah, Raja Syamsul Azmir
Ramli, Abdul Rahman
Hashim, Fazirulhisyam
Samsudin, Khairulmizam
Al-Baltah, Ibrahim Ahmed
Al-Habshi, Mohamed Mustafa
title SCARECROW: scalable malware reporting, detection and analysis