论文信息 - Zero-day Malicious Email Behavior Investigation and Analysis

Zero-day Malicious Email Behavior Investigation and Analysis

Zero-day malware which is created by cyber deviants is a critical risk and menace because neither machines nor cyber security tools can easily detect them. Phishing emails are the most common point of intrusion for attackers, who randomly send malware to general users. Based on the rise of phishing emails with zero-day malware behavior, the research workshop uses information security analysis tools as well as develop new tools to define an investigation procedure to investigate malware behavior in order to meet the aims of understanding them better, being able to track them effectively, and collect information to find and help infected victims inside an organization’s network.

Sanouphab Phomkeona | Koji Okamura | Kristan Edwards | Yoshitatus Ban

[1] Wenke Lee,et al. Ether: malware analysis via hardware virtualization extensions , 2008, CCS.

[2] M. Heroux,et al. Behavior-Based Spyware Detection State of the Field , 2014 .

[3] Koji Okamura,et al. An Analysis of Botnet Attack for SMTP Server using Software Define Network (SDN) (技術と社会・倫理) , 2016 .

[4] Christopher Krügel,et al. Exploring Multiple Execution Paths for Malware Analysis , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[5] Leyla Bilge,et al. Before we knew it: an empirical study of zero-day attacks in the real world , 2012, CCS.

[6] Somesh Jha,et al. Semantics-aware malware detection , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[7] Somesh Jha,et al. Static Analysis of Executables to Detect Malicious Patterns , 2003, USENIX Security Symposium.

[8] Peter Szor,et al. The Art of Computer Virus Research and Defense , 2005 .

[9] Zhendong Su,et al. Temporal search: detecting hidden malware timebombs with virtual machines , 2006, ASPLOS XII.