Design of a new detection system for anti-virtualization malicious code

The development of sandbox technology caused some malicious programs to detect the virtualized environment, which affects the success rate and comprehensiveness of dynamic analysis about malicious code. This paper proposed a new detection system for anti-virtualization malicious code. By hiding the...

Full description

Saved in:
Bibliographic Details
Published in2023 International Conference on Networks, Communications and Intelligent Computing (NCIC) pp. 302 - 306
Main Authors Wu, Leitao, Zhang, Hengbo, Jiang, Shan
Format Conference Proceeding
LanguageEnglish
Published IEEE 17.11.2023
Subjects
anti-virtualization
behavior detection
Business
environmental simulation
Feature extraction
feature hiding
Human computer interaction
Malware
Performance analysis
Static analysis
Virtualization
Online AccessGet full text

Cover

More Information
Summary:The development of sandbox technology caused some malicious programs to detect the virtualized environment, which affects the success rate and comprehensiveness of dynamic analysis about malicious code. This paper proposed a new detection system for anti-virtualization malicious code. By hiding the characteristics of virtual environment and simulating the user operation in business environment, it could effectively avoid the malicious code to screen the virtualized environment. Combined with static analysis, the system takes both the success rate and efficiency of detection into account.
DOI:10.1109/NCIC61838.2023.00057