Behavioural API based Virus Analysis and Detection

dc.contributor.author: Al Amro, S. [en]
dc.contributor.author: Cau, A. (Antonio) [en]
dc.date.accessioned: 2012-12-13T15:26:52Z
dc.date.available: 2012-12-13T15:26:52Z
dc.date.issued: 2012
dc.description.abstract: The growing number of computer viruses and the detection of zero day malware have been the concern for security researchers for a large period of time. Existing antivirus products (AVs) rely on detecting virus signatures which do not provide a full solution to the problems associated with these viruses. The use of logic formulae to model the behaviour of viruses is one of the most encouraging recent developments in virus research, which provides alternatives to classic virus detection methods. To address the limitation of traditional AVs, we proposed a virus detection system based on extracting Application Program Interface (API) calls from virus behaviours. The proposed research uses a temporal logic and behaviour-based detection mechanism to detect viruses at both user and kernel level. Interval Temporal Logic (ITL) will be used for virus specifications, properties and formulae based on the analysis of API calls representing the behaviour of computer viruses. [en]
dc.identifier.citation: Al Amro, S. and Cau, A. (2012) Behavioural API based Virus Analysis and Detection. International Journal of Computer Science and Information Security, 10 (5), pp. 14-22 [en]
dc.identifier.issn: 1947-5500
dc.identifier.uri: http://hdl.handle.net/2086/7935
dc.language.iso: en [en]
dc.peerreviewed: Yes [en]
dc.researchgroup: Software Technology Research Laboratory (STRL) [en]
dc.subject: computer viruses [en]
dc.subject: virus behaviour [en]
dc.subject: API calls [en]
dc.subject: interval temporal logic [en]
dc.title: Behavioural API based Virus Analysis and Detection [en]
dc.type: Article [en]
