http://dx.doi.org/10.15207/JKCS.2017.8.5.037

Research on Registry Analysis based Malware Detection Method  

Hong, Sunghyuck (Div. of Information Communication, Baekseok University)
Publication Information
Journal of the Korea Convergence Society / v.8, no.5, 2017, pp. 37-43
Abstract
A registry is a hierarchical database designed to store the information needed by the operating system and application programs in the Windows operating system, and it is involved in all activities such as booting, logging, service execution, application execution, and user behavior. Digital forensics is widely used. In recent years, malicious code has penetrated systems in ways that users do not recognize, and valuable information is leaked or stolen, causing financial damage. Therefore, this study proposes a method to detect malicious code by using a shareware application, without an expensive digital forensic program, so as to analyze hacking methods and prevent hacking damage in advance.
Keywords
Registry; malware; digital forensics; malware analysis; malware detection;
Citations & Related Records
Times Cited By KSCI: 6