A Development Framework for TCP/IP Network Steganography Malware Detection
Association for Computing Machinery (Ed.). Proceedings of the 2024 ACM Workshop on Information Hiding and Multimedia Security. Baiona: ACM 2024, pp. 95 - 100
Year of publication: 2024
Publication type: Miscellaneous (conference paper)
Language: English
Doi/URN: 10.1145/3658664.3659651
Verified | Library |
Abstract
Stegomalware poses a rising threat in the security landscape as more and more malware samples use steganography to disguise their network traffic, rendering traditional detection approaches less and less useful. To detect such advanced threats, it is important to identify and focus on unique characteristics of stegomalware. We present a new malware detection framework tailored for stegomalware nested in TCP/IP protocols. With the framework, we are able to observe real malware in a secure environment, use the gained insights to create realistic simulations, extract relevant characteristics and perform detection based on the gained data. The goal of the framework is to enable and streamline the process of developing new detection methods.
Authors
Classification
DFG subject area:
Computer science
DDC subject group:
Computer science