Malware Analysis and Prediction System

945 views
854 views

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
945
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Malware Analysis and Prediction System

  1. 1. Prepared by:Security and Forensic Research Group School of Computer Sciences Universiti Sains Malaysia
  2. 2. General Incident Report Statistic 2012
  3. 3. Forensic Module Anti Malware Module server LAN Network internetEndUser Evidence And Report Prediction System Malware MAPS Evidence Analysis Repository
  4. 4. MAPS Prevention Prediction Malware Forensic AdvancedDetection Identification Basic Filtering Filtering Classification Evidence Storage Database Updated Report Generated Signature Database
  5. 5. MAPS Server Client Side Side Anti- IDS Notification Identifier Analyser Forensic Hacking SendStore packet Network Malware Filtering notification Detection in .txt Tracer Analysis Analysis emailUpload to host Malware Source Prevention Report database Prediction Destination Download from remote Get data from text file and database and store in store in sandbox database sandbox database Save filtered output Filter function based on and create report user / self define rules
  6. 6. Function MAPS Kaspersky Avira (Internet Security)Prediction ability to detectmalware’s attackMalware analysisForensic toolsSignature databaseOnline repositoryMultiple database
  7. 7. Ministry of Defense
  8. 8. Function Avira Kaspersky MAPS (Internet Security)Free VersionPremium Version RM 59.00 RM 99.00 RM 75.00Server RM 198.00 RM 160.00 RM 170.00Forensic Module FREE with server packages
  9. 9. hard code programmingefficiency on database and computer memorymanagement on future attack of Malware easy to be used on any machine
  10. 10. Grant : FRGS Title : Malware Behavioral Analysis for Better Identification and ClassificationInternational – Scientific Research Book Publication :1. Mohammad Bani Younes and Aman Jantan, “Image Encryption Using Block-Based Transformation Algorithm: Image Encryption and Decryption Process Using Block-Based Transformation Algorithm”. LAP LAMBERT Academic Publishing (October 9, 2011). ISBN-10: 3846512729, ISBN-13: 978-3846512722, Paperback: 176 pages. Language: EnglishInternational Journal and Journal Proceedings2. Abdulghani Ali Ahmed, Aman Jantan, Wan Tat Chee. 2011. SLA-Based Complementary Approach for Network Intrusion Detection. The International Journal for the Computer and Telecommunications Industry, Elsevier, ISSN: 0140-3664, Vol. 34, Issue 14, pp. 1738-1749, 1 September 2011. ISI/Scopus. Impact Factor 0.933. doi:10.1016/j.comcom.2011.03.013.3. Abdulghani Almohimid, Aman Jantan, Mohammed Rasmi. 2012. Service violation monitoring model for detecting and tracing bandwidth abuse. Journal of Network and Systems Management (JONS). Impact Factor (2011): 1.356 (Q1 in Telecommunications and Q2 in Computer Science, Information Systems) Manuscript No. DOI 0.1007/s10922-012-9236-24. Mohamad Fadli Zolkipli and Aman Jantan, "A Framework for Malware Detection Using Combination Technique and Signature Generation," Second International Conference on Computer Research and Development, ICCRD 2010; IEEE Computer Society, pp. 196-199. DOI 10.1109/ICCRD.2010.25. Scopus.5. Zolkipli, Mohamad Fadli and Aman Jantan. "Malware Behavior Analysis: Learning and Understanding Current Malware Threats," Network Applications Protocols and Services (NETAPPS), 2010 Second International Conference on , vol., no., pp.218-221, 22-23 Sept. 2010. DOI: 10.1109/NETAPPS.2010.46. Scopus.
  11. 11. 6. Mohamad Fadli Zolkipli, Aman Jantan. 2011. An Approach for Malware Behavior Identification and Classification. Proceedings of the 2011 3rd International Conference on Computer Research and Development (ICCRD 2011), ISBN: 978-161284837-2, Shanghai, China, pp. 191-194, 11-15 March 2011. Scopus.7. Mohamad Fadli Zolkipli and Aman Jantan. 2011. A Framework for Defining Malware Behavior Using Run Time Analysis and Resource Monitoring. J.M. Zain et al. (Eds.): ICSECS 2011, Part I, CCIS 179, pp. 199-209. Scopus. Springer-Link.8. Mohd. Najwadi Yusoff and Aman Jantan. 2011. A Framework for Optimizing Malware Classification by Using Genetic Algorithm. J.M. Zain et al. (Eds.): ICSECS 2011, Part II, CCIS 180, pp. 58-72. Scopus. Springer- Link.9. Mohamad Fadli Zolkipli, Aman Jantan. 2011. An Approach for Identifying Malware Operation and Target Using Run Time Analysis and Resource Monitoring. International Journal of Digital Content Technology and its Applications (JDCTA), ISSN: 1975-9339, Volume 5, Number 8, pp. 169-178, August 2011. Scopus.10.Mohammad Rasmi, Aman Jantan, 2011. ASAS: Agile Similarity Attack Strategy Model based on Evidence Classification for Network Forensic Attack Analysis. Procedia-Computer Science Journal (ISSN: 1877- 0509).11.M. Rasmi, Aman Jantan. 2011. AIA: Attack Intention Analysis Algorithm Based on D-S Theory with Causal Technique for Network Forensics - A Case Study. International Journal of Digital Content Technology and its Applications (JDCTA), ISSN: 1975-9339, Vol. 5, No. 9, pp. 230-237, September 2011. Scopus.12.M. Rasmi and Aman Jantan. 2011. Attack Intention Analysis Model for Network Forensics. J.M. Zain et al. (Eds.): ICSECS 2011, Part II, CCIS 180, pp. 403-411. Scopus. Springer-Link.13.Mohammad Rasmi, Aman Jantan, Abdulghani Ali Ahmed. Network Forensics Attack-Analysis Model Based on Similarity of Intention. The International Conference on Computer Application and Education Technology (ICCAET, 2011), 3-4 December 2011. Beijing, China. IEEE Computer Society. Scopus.14.M. Rasmi and Aman Jantan. 2011. A Model for NFAA-Network Forensics Attack Analysis. Proceedings of the 2011 3rd International Conference on Computer Engineering and Technology (ICCET 2011), ISBN: 9780791859735, Kuala Lumpur, pp. 739-747, 17-19 June 2011. Scopus

×