*1 Hitachi, Ltd., 890 Kashimada, Saiwai-Ku, Kawasaki, Kanagawa nobutaka.kawaguchi.ue@hitachi.com
*2 KDDI Corporation, 3-10-10 Iidabashi, Chiyoda, Tokyo
*3 SecureBrain Corporation, 2-6-7 Koujimachi, Chiyoda, Tokyo
*4 National Institute of Information and Communications Technology, 4-2-1 Nukui-Kitamachi, Koganei, Tokyo

Abstract

With the increasing number of new malware species, traditional malware detection approaches relying on signature files are becoming less effective, since it is quite difficult for anti-virus vendors to keep up with the frequent appearance of new malware species. In this situation, we are developing a system called Anti-malware User Support System, which detects malware files using dynamic analysis and removes them from user PCs. This system first finds suspicious files on a user PC by means of a client agent. Then, the suspicious files are sent to and analyzed by a malware analysis system. Finally, this system removes detected malware files from the user PC by automatically generating, sending and executing custom-made removal tools. In this paper, we analyze malware files in the CCC DATASet 2010 using the proposed system and show the results.