https://scholars.lib.ntu.edu.tw/handle/123456789/333666
DC Field | Value | Language |
---|---|---|
dc.contributor.author | S. Y. Dai | en_US |
dc.contributor.author | S. Y. Kuo | en_US |
dc.contributor.author | SY-YEN KUO | zz |
dc.creator | S. Y. Dai;S. Y. Kuo | - |
dc.date.accessioned | 2018-09-10T06:35:09Z | - |
dc.date.available | 2018-09-10T06:35:09Z | - |
dc.date.issued | 2007-12 | - |
dc.identifier.uri | http://scholars.lib.ntu.edu.tw/handle/123456789/333666 | - |
dc.description.abstract | In order for financially motivated malware programs such as spyware, viruses and worms to survive after the system is rebooted, they have to modify entries in auto-start extensibility points (ASEPs), system calls or system files on a compromised system. We call these system resources, which a malware program could attack once it intrudes a host, Malware Attacking Points (MAPs). Based on this observation, we design and implement MAPMon, a monitoring mechanism to detect any suspicious change of Malware Attacking Points. This paper describes the design and implementation trade-off of the MAPMon tool. The effectiveness of the MAPMon tool for malware detection is evaluated by using real-world malware programs including those that do not have signatures. © 2007 IEEE. | - |
dc.language | en | en |
dc.relation.ispartof | 2007 Pacific Rim International Symposium on Dependable Computing (PRDC'07) | en_US |
dc.source | AH-anncc | - |
dc.subject | Auto-start extensibility point; Backdoor; Honeypot; Malicious software; Malware attacking points | - |
dc.subject.classification | [SDGs]SDG16 | - |
dc.subject.other | Codes (symbols); Computer crime; Machine design; Maps; Auto-start extensibility point; Backdoor; Dependable computing; Honeypot; Host-based; International symposium; Malicious software; Malware; Malware attacking points; Malware detection; Pacific Rim; Real-world; Spyware; System calls; System files; System resources; Computer worms | - |
dc.title | MAPMon: A Host-Based Malware Detection Tool | - |
dc.type | conference paper | en |
dc.identifier.doi | 10.1109/PRDC.2007.47 | - |
dc.identifier.scopus | 2-s2.0-50049126427 | - |
dc.relation.pages | 346-356 | - |
item.openairecristype | http://purl.org/coar/resource_type/c_5794 | - |
item.openairetype | conference paper | - |
item.grantfulltext | none | - |
item.cerifentitytype | Publications | - |
item.fulltext | no fulltext | - |
crisitem.author.dept | Electrical Engineering | - |
crisitem.author.dept | Electronics Engineering | - |
crisitem.author.dept | Networking and Multimedia | - |
crisitem.author.dept | Computer Science and Information Engineering | - |
crisitem.author.dept | Center for Quantum Science and Engineering (CQSE) | - |
crisitem.author.orcid | 0000-0002-2504-2608 | - |
crisitem.author.parentorg | College of Electrical Engineering and Computer Science | - |
crisitem.author.parentorg | College of Electrical Engineering and Computer Science | - |
crisitem.author.parentorg | College of Electrical Engineering and Computer Science | - |
crisitem.author.parentorg | College of Electrical Engineering and Computer Science | - |
crisitem.author.parentorg | Others: University-Level Research Centers | - |
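Appears in Collections: | Department of Electrical Engineering |
Items in the IR system are protected by copyright, with all rights reserved, unless their copyright terms are specifically indicated otherwise.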