Journal article

Applications undercover: Detecting disguised processes through application behaviour profiling

Abstract:

In order to avoid detection, malware can disguise itself as a legitimate program or hijack system processes to reach its goals. Commonly used signature-based Intrusion Detection Systems (IDS) struggle to distinguish between these processes and are thus of only limited use in detecting these kinds of attacks. They also have the shortcoming that they need to be updated frequently to possess the latest malware definitions. This makes them inherently prone to missing novel attacks. Misuse detectio...

Publication status:
Not Published
Peer review status:
Not peer reviewed
Version:
Publisher's Version

Institution:
University of Oxford
Department:
CDT in Cyber Security
Series:
CDT Technical Paper Series 32/15
URN:
uuid:9ac574b6-7138-4651-9402-8715513facb8
Local pid:
ora:12314
Language:
English