Malware: the never-ending arm race

Menéndez, Héctor D. (ORCID: https://orcid.org/0000-0002-6314-3725) (2021) Malware: the never-ending arm race. Open Journal of Cybersecurity, 1 (1). pp. 1-25. [Article] (doi:10.46723/ojc.1.1.3)

PDF - Published version (with publisher's formatting)
Available under License Creative Commons Attribution-NonCommercial-ShareAlike 4.0.


Abstract

"Antivirus is death" and probably every detection system that focuses on a single strategy for indicators of compromise. This famous quote, which Brian Dye, Symantec's senior vice president, stated in 2014, is the best representation of the current situation with malware detection and mitigation. Concealment strategies have evolved significantly in recent years: not only the classical ones based on polymorphic and metamorphic methodologies, which killed the signature-based detection that antiviruses use, but also the capabilities of fileless malware, i.e. malware resident only in volatile memory, which makes every disk analysis senseless. This review provides a historical background of the different concealment strategies introduced to protect malicious (and not necessarily malicious) software from different detection or analysis techniques. It covers binary, static and dynamic analysis, as well as new strategies based on machine learning, from the perspectives of both attackers and defenders.

Item Type: Article
Keywords (uncontrolled): General Medicine, Biochemistry, Sociology and Political Science, History, Cultural Studies, Literature and Literary Theory, Visual Arts and Performing Arts, Political Science and International Relations, Anthropology, Linguistics and Language, Language and Linguistics
Item ID: 33857
Notes on copyright: This work is licensed under a Creative Commons “Attribution-NonCommercial-ShareAlike 4.0 International” license.
Depositing User: Jisc Publications Router
Date Deposited: 16 Sep 2021 08:00
Last Modified: 16 Sep 2021 08:00
URI: https://eprints.mdx.ac.uk/id/eprint/33857
