Fig. 1. Path of distribution of malicious code
Fig. 2. Process for collecting and analyzing patterns of malicious code distribution
Fig. 3. Process of performance experiment using detection prototype system
Fig. 4. DLL information setting of prototype system developed for experiment
Fig. 5. Analysis result view of prototype system developed for experiment
Fig. 6. Search source view of prototype system developed for experiment
Table 1. OWASP Top 10 Vulnerabilities
Table 2. Results of analysis on the distribution patterns of malicious scripts
Table 3. Malicious script detection items by distribution pattern
Table 4. Detection rate by diffusion pattern detection items