Malware Analysis and Prediction System

Published in: Technology, Business

  1. Prepared by: Security and Forensic Research Group, School of Computer Sciences, Universiti Sains Malaysia
  2. General Incident Report Statistics 2012 (chart on the slide; the figures did not survive extraction)
  3. System overview (diagram; only the labels survive extraction): Forensic Module; Anti Malware Module; server, LAN network, internet, end user; Evidence and Report; Prediction System; Malware; MAPS; Evidence Analysis Repository.
  4. MAPS module map (diagram labels): Prevention, Prediction, Malware Forensic; Advanced Detection, Identification, Basic Filtering, Filtering, Classification; Evidence Storage Database, Updated Report Generated, Signature Database.
  5. MAPS server side and client side (diagram; the labels are recoverable, their assignment to the server or client column is not): Anti-Hacking; IDS; Notification; Identifier; Analyser; Forensic; send notification email; store packet in .txt; Network Tracer; Malware Analysis; Filtering; Detection; upload to host database; malware source and destination; Prevention; Report; Prediction; download from remote database and store in sandbox database; get data from text file and store in sandbox database; save filtered output and create report; filter function based on user / self-defined rules.
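The client-side flow on the slide (packets kept in a .txt store, a signature database plus user / self-defined rules, filtered output saved to a report, a notification decision) is easiest to see as code. The block below is an added illustration and is not code from the USM MAPS project: the packet line format, the rule-file format, the severity levels and every sample packet and rule are constructed assumptions.

```python
"""Rule-based packet filter in the shape of the MAPS client-side flow.
Added illustration, not MAPS code; line/rule formats and all data are assumed."""
from __future__ import annotations

import re
from collections import Counter
from dataclasses import dataclass, fields

# Constructed packet store: timestamp src dst proto dport payload (one per line).
PACKET_TEXT = """\
2012-06-01T10:00:01 192.168.1.10 10.0.0.5 tcp 80 GET /index.html
2012-06-01T10:00:02 192.168.1.10 10.0.0.5 tcp 80 GET /cgi-bin/../../etc/passwd
2012-06-01T10:00:03 192.168.1.11 198.51.100.7 tcp 6667 NICK botnode
2012-06-01T10:00:04 192.168.1.12 10.0.0.5 udp 53 A www.example.com
2012-06-01T10:00:05 192.168.1.11 198.51.100.7 tcp 6667 PRIVMSG #c2 :checkin
"""

# Constructed "signature database" and "user / self-defined rules", same assumed
# format: name field severity regex  ('#' starts a comment; regex may contain spaces).
SIGNATURE_RULES_TEXT = r"""
# name            field    severity  regex
irc-c2-port       dport    high      ^6667$
path-traversal    payload  high      \.\./
"""
USER_RULES_TEXT = r"""
# site rule: 192.168.1.11 is quarantined and must not originate traffic
egress-from-quarantined  src  medium  ^192\.168\.1\.11$
"""

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3}


@dataclass(frozen=True)
class Packet:
    ts: str
    src: str
    dst: str
    proto: str
    dport: int
    payload: str


PACKET_FIELDS = {f.name for f in fields(Packet)}


@dataclass(frozen=True)
class Rule:
    name: str
    field: str          # Packet attribute the regex is matched against
    severity: str
    pattern: re.Pattern


def parse_packets(text: str) -> list[Packet]:
    """Parse the text packet store; a malformed line is an error, not silently dropped."""
    packets = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split(None, 5)
        if len(parts) != 6:
            raise ValueError(f"packet line {lineno}: expected 6 fields, got {len(parts)}")
        ts, src, dst, proto, dport, payload = parts
        packets.append(Packet(ts, src, dst, proto.lower(), int(dport), payload))
    return packets


def load_rules(text: str) -> list[Rule]:
    """Parse rules; unknown fields, severities and bad regexes are rejected at load time."""
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 3)
        if len(parts) != 4:
            raise ValueError(f"rule line {lineno}: expected 'name field severity regex'")
        name, field, severity, regex = parts
        if field not in PACKET_FIELDS:
            raise ValueError(f"rule {name}: unknown packet field {field!r}")
        if severity not in SEVERITY_RANK:
            raise ValueError(f"rule {name}: unknown severity {severity!r}")
        rules.append(Rule(name, field, severity, re.compile(regex)))
    return rules


def filter_packets(packets: list[Packet], rules: list[Rule]) -> list[tuple[Packet, Rule]]:
    """Apply every rule to every packet; one (packet, rule) hit per match."""
    return [(pkt, rule) for pkt in packets for rule in rules
            if rule.pattern.search(str(getattr(pkt, rule.field)))]


def hit_counts(hits: list[tuple[Packet, Rule]]) -> dict[str, int]:
    return dict(Counter(rule.name for _, rule in hits))


def needs_notification(hits: list[tuple[Packet, Rule]], min_severity: str = "high") -> bool:
    """The 'send notification email' decision: any hit at or above the threshold."""
    threshold = SEVERITY_RANK[min_severity]
    return any(SEVERITY_RANK[rule.severity] >= threshold for _, rule in hits)


def build_report(hits: list[tuple[Packet, Rule]]) -> str:
    """The 'save filtered output and create report' step, as plain text."""
    lines = [f"filtered packets: {len(hits)} hit(s)"]
    lines += [f"  {name}: {n}" for name, n in sorted(hit_counts(hits).items())]
    lines += [f"{p.ts} {p.src}->{p.dst}:{p.dport} [{r.severity}] {r.name}: {p.payload}"
              for p, r in hits]
    return "\n".join(lines)


if __name__ == "__main__":
    all_rules = load_rules(SIGNATURE_RULES_TEXT) + load_rules(USER_RULES_TEXT)
    found = filter_packets(parse_packets(PACKET_TEXT), all_rules)
    print(build_report(found))
    print("notify:", needs_notification(found))
```

Two design points matter more than the matching itself: rules are validated when loaded (a typo in a field name or an invalid regex fails before any traffic is processed, rather than silently matching nothing), and a malformed packet line raises instead of being skipped, so a gap in the .txt store cannot quietly shrink the evidence a report is built from.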
  6. Feature comparison of MAPS, Kaspersky and Avira (Internet Security). Rows compared (the per-product marks did not survive extraction): prediction ability to detect malware attacks; malware analysis; forensic tools; signature database; online repository; multiple databases.
  7. Ministry of Defense
  8. Price comparison (RM):
     Function          Avira       Kaspersky   MAPS (Internet Security)
     Free version      (marks not recoverable from the slide text)
     Premium version   RM 59.00    RM 99.00    RM 75.00
     Server            RM 198.00   RM 160.00   RM 170.00
     Forensic module   FREE with server packages
  9. Hard-code programming; efficiency on database and computer memory management; on future attack of malware; easy to be used on any machine.
  10. Grant: FRGS. Title: Malware Behavioral Analysis for Better Identification and Classification.
      International scientific research book publication:
      1. Mohammad Bani Younes and Aman Jantan, "Image Encryption Using Block-Based Transformation Algorithm: Image Encryption and Decryption Process Using Block-Based Transformation Algorithm". LAP LAMBERT Academic Publishing (October 9, 2011). ISBN-10: 3846512729, ISBN-13: 978-3846512722. Paperback, 176 pages. Language: English.
      International journals and journal proceedings:
      2. Abdulghani Ali Ahmed, Aman Jantan, Wan Tat Chee. 2011. SLA-Based Complementary Approach for Network Intrusion Detection. The International Journal for the Computer and Telecommunications Industry, Elsevier, ISSN 0140-3664, Vol. 34, Issue 14, pp. 1738-1749, 1 September 2011. ISI/Scopus. Impact factor 0.933. doi:10.1016/j.comcom.2011.03.013.
      3. Abdulghani Almohimid, Aman Jantan, Mohammed Rasmi. 2012. Service Violation Monitoring Model for Detecting and Tracing Bandwidth Abuse. Journal of Network and Systems Management (JONS). Impact factor (2011): 1.356 (Q1 in Telecommunications, Q2 in Computer Science, Information Systems). DOI 10.1007/s10922-012-9236-2.
      4. Mohamad Fadli Zolkipli and Aman Jantan, "A Framework for Malware Detection Using Combination Technique and Signature Generation," Second International Conference on Computer Research and Development (ICCRD 2010), IEEE Computer Society, pp. 196-199. DOI 10.1109/ICCRD.2010.25. Scopus.
      5. Mohamad Fadli Zolkipli and Aman Jantan, "Malware Behavior Analysis: Learning and Understanding Current Malware Threats," Network Applications, Protocols and Services (NETAPPS 2010), Second International Conference on, pp. 218-221, 22-23 Sept. 2010. DOI 10.1109/NETAPPS.2010.46. Scopus.
  11. Publications, continued:
      6. Mohamad Fadli Zolkipli, Aman Jantan. 2011. An Approach for Malware Behavior Identification and Classification. Proceedings of the 2011 3rd International Conference on Computer Research and Development (ICCRD 2011), ISBN 978-161284837-2, Shanghai, China, pp. 191-194, 11-15 March 2011. Scopus.
      7. Mohamad Fadli Zolkipli and Aman Jantan. 2011. A Framework for Defining Malware Behavior Using Run Time Analysis and Resource Monitoring. J.M. Zain et al. (Eds.): ICSECS 2011, Part I, CCIS 179, pp. 199-209. Scopus. SpringerLink.
      8. Mohd. Najwadi Yusoff and Aman Jantan. 2011. A Framework for Optimizing Malware Classification by Using Genetic Algorithm. J.M. Zain et al. (Eds.): ICSECS 2011, Part II, CCIS 180, pp. 58-72. Scopus. SpringerLink.
      9. Mohamad Fadli Zolkipli, Aman Jantan. 2011. An Approach for Identifying Malware Operation and Target Using Run Time Analysis and Resource Monitoring. International Journal of Digital Content Technology and its Applications (JDCTA), ISSN 1975-9339, Volume 5, Number 8, pp. 169-178, August 2011. Scopus.
      10. Mohammad Rasmi, Aman Jantan. 2011. ASAS: Agile Similarity Attack Strategy Model Based on Evidence Classification for Network Forensic Attack Analysis. Procedia Computer Science (ISSN 1877-0509).
      11. M. Rasmi, Aman Jantan. 2011. AIA: Attack Intention Analysis Algorithm Based on D-S Theory with Causal Technique for Network Forensics - A Case Study. International Journal of Digital Content Technology and its Applications (JDCTA), ISSN 1975-9339, Vol. 5, No. 9, pp. 230-237, September 2011. Scopus.
      12. M. Rasmi and Aman Jantan. 2011. Attack Intention Analysis Model for Network Forensics. J.M. Zain et al. (Eds.): ICSECS 2011, Part II, CCIS 180, pp. 403-411. Scopus. SpringerLink.
      13. Mohammad Rasmi, Aman Jantan, Abdulghani Ali Ahmed. Network Forensics Attack-Analysis Model Based on Similarity of Intention. The International Conference on Computer Application and Education Technology (ICCAET 2011), 3-4 December 2011, Beijing, China. IEEE Computer Society. Scopus.
      14. M. Rasmi and Aman Jantan. 2011. A Model for NFAA - Network Forensics Attack Analysis. Proceedings of the 2011 3rd International Conference on Computer Engineering and Technology (ICCET 2011), ISBN 9780791859735, Kuala Lumpur, pp. 739-747, 17-19 June 2011. Scopus.
