Forensic Analysis Avoidance Techniques of Malware
Document Type
Conference Proceeding
Publisher
School of Computer and Information Science, Edith Cowan University
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Information Science
RAS ID
5273
Abstract
Anti-forensic techniques are increasingly being used by malware writers to avoid detection and analysis of their malicious code. Penalties for writing malware could include termination of employment, fines or even, imprisonment. Malware writers are motivated not to get caught and are actively using subversive techniques to avoid forensic analysis. Techniques employed include obfuscation, anti-disassembly, encrypted and compressed data, data destruction and anti-debugging. Automated detection and classification work is progressing in this field. This includes analysing statistical structures such as assembly instructions, system calls, system dependence graphs and classification through machine learning.
DOI
10.4225/75/57ad403c7ff2a
Access Rights
free_to_read
Comments
Brand, M. (2007). Forensic analysis avoidance techniques of malware. In Proceedings of the 5th Australian Digital Forensics Conference. (p. 59-66). Perth, Western Australia: Edith Cowan University. Available here