SECURWARE 2022, The Sixteenth International Conference on Emerging Security Information, Systems and Technologies
Authors:
Nicholas Phillips
Aisha Ali-Gombe
Keywords: Malware, Persistence Vectors, System Security, Reverse Engineering
Abstract:
Malware is the driving force for most cyber-attacks and, in recent years, has continued to be one of the most challenging threats facing our cyber infrastructure. Modern malware's adaptive design often leverages complex and evolving technologies to overcome various detection and preventive security tools. One of these techniques is Persistence - an ability to survive on victim systems past the current power cycle. The persistence vector allows the malware to live on host machines without detection. Thus, this paper conducts a longitudinal study and characterization of Windows malware Persistence Vectors (PVs) across more than 1000 malware samples. We explored the evolution, complexity, and stealthiness of persistence vectors in modern Windows malware families using the combination of static and dynamic analysis. The result of our study indicated that security tools and analysts could utilize PVs as decoys to strengthen malware defensive strategies.
Pages: 28 to 34
Copyright: Copyright (c) IARIA, 2022
Publication date: October 16, 2022
Published in: conference
ISSN: 2162-2116
ISBN: 978-1-68558-007-0
Location: Lisbon, Portugal
Dates: from October 16, 2022 to October 20, 2022