Preview

PDF Restricted - Request a copy 564Kb

Malware does not need to compromise the operating system kernel in order to provide an untrustworthy browsing experience for the user. This paper describes a simple, virtual machine-based, malware test environment built using freeware and open source software. The system was designed to allow the high-level behaviour of a piece of malware to be studied quickly and conveniently by monitoring network, process and file activity. The system proved effective when trialled against different samples of the well-known malware Zeus and was verified further by tests conducted with the commercially available anti-malware products PC-Tools and Trusteer. Although tests were conducted with variants of the Zeus malware, the techniques discussed in this paper are equally applicable to any other malware and can be used to quickly assess the effectiveness of potential anti-malware solutions. Also, the system is portable and simple, requiring only a general level of technical knowledge to operate, allowing it to be used as a convenient platform for a wide student and professional audience.

Item Type:	Refereed Article
Keywords:	Zeus, online banking, malware
Research Division:	Information and Computing Sciences
Research Group:	Other information and computing sciences
Research Field:	Other information and computing sciences not elsewhere classified
Objective Division:	Information and Communication Services
Objective Group:	Communication technologies, systems and services
Objective Field:	Communication technologies, systems and services not elsewhere classified
UTAS Author:	Lundie, S (Mr Samuel Lundie)
UTAS Author:	Rolf, D (Dr Daniel Rolf)
ID Code:	85542
Year Published:	2013
Deposited By:	Information and Communication Technology
Deposited On:	2013-07-16
Last Modified:	2014-05-12
Downloads:	0