SlideShare ist ein Scribd-Unternehmen logo

Malware Analysis and Prediction System

A
Azri Hafiz
TechnologieBusiness
1 von 19
Prepared by: Security and Forensic Research Group School of Computer Sciences Universiti Sains Malaysia
General Incident Report Statistic 2012
Forensic Module Anti Malware Module server LAN Network internet End User Evidence And Report Prediction System Malware MAPS Evidence Analysis Repository
MAPS Prevention Prediction Malware Forensic Advanced Detection Identification Basic Filtering Filtering Classification Evidence Storage Database Updated Report Generated Signature Database
MAPS Server Client Side Side Anti- IDS Notification Identifier Analyser Forensic Hacking Send Store packet Network Malware Filtering notification Detection in .txt Tracer Analysis Analysis email Upload to host Malware Source Prevention Report database Prediction Destination Download from remote Get data from text file and database and store in store in sandbox database sandbox database Save filtered output Filter function based on and create report user / self define rules
Function MAPS Kaspersky Avira (Internet Security) Prediction ability to detect malware’s attack Malware analysis Forensic tools Signature database Online repository Multiple database
Ministry of Defense
Function Avira Kaspersky MAPS (Internet Security) Free Version Premium Version RM 59.00 RM 99.00 RM 75.00 Server RM 198.00 RM 160.00 RM 170.00 Forensic Module FREE with server packages
hard code programming efficiency on database and computer memory management on future attack of Malware easy to be used on any machine
Grant : FRGS Title : Malware Behavioral Analysis for Better Identification and Classification International – Scientific Research Book Publication : 1. Mohammad Bani Younes and Aman Jantan, “Image Encryption Using Block-Based Transformation Algorithm: Image Encryption and Decryption Process Using Block-Based Transformation Algorithm”. LAP LAMBERT Academic Publishing (October 9, 2011). ISBN-10: 3846512729, ISBN-13: 978-3846512722, Paperback: 176 pages. Language: English International Journal and Journal Proceedings 2. Abdulghani Ali Ahmed, Aman Jantan, Wan Tat Chee. 2011. SLA-Based Complementary Approach for Network Intrusion Detection. The International Journal for the Computer and Telecommunications Industry, Elsevier, ISSN: 0140-3664, Vol. 34, Issue 14, pp. 1738-1749, 1 September 2011. ISI/Scopus. Impact Factor 0.933. doi:10.1016/j.comcom.2011.03.013. 3. Abdulghani Almohimid, Aman Jantan, Mohammed Rasmi. 2012. Service violation monitoring model for detecting and tracing bandwidth abuse. Journal of Network and Systems Management (JONS). Impact Factor (2011): 1.356 (Q1 in Telecommunications and Q2 in Computer Science, Information Systems) Manuscript No. DOI 0.1007/s10922-012-9236-2 4. Mohamad Fadli Zolkipli and Aman Jantan, "A Framework for Malware Detection Using Combination Technique and Signature Generation," Second International Conference on Computer Research and Development, ICCRD 2010; IEEE Computer Society, pp. 196-199. DOI 10.1109/ICCRD.2010.25. Scopus. 5. Zolkipli, Mohamad Fadli and Aman Jantan. "Malware Behavior Analysis: Learning and Understanding Current Malware Threats," Network Applications Protocols and Services (NETAPPS), 2010 Second International Conference on , vol., no., pp.218-221, 22-23 Sept. 2010. DOI: 10.1109/NETAPPS.2010.46. Scopus.
6. Mohamad Fadli Zolkipli, Aman Jantan. 2011. An Approach for Malware Behavior Identification and Classification. Proceedings of the 2011 3rd International Conference on Computer Research and Development (ICCRD 2011), ISBN: 978-161284837-2, Shanghai, China, pp. 191-194, 11-15 March 2011. Scopus. 7. Mohamad Fadli Zolkipli and Aman Jantan. 2011. A Framework for Defining Malware Behavior Using Run Time Analysis and Resource Monitoring. J.M. Zain et al. (Eds.): ICSECS 2011, Part I, CCIS 179, pp. 199-209. Scopus. Springer-Link. 8. Mohd. Najwadi Yusoff and Aman Jantan. 2011. A Framework for Optimizing Malware Classification by Using Genetic Algorithm. J.M. Zain et al. (Eds.): ICSECS 2011, Part II, CCIS 180, pp. 58-72. Scopus. Springer- Link. 9. Mohamad Fadli Zolkipli, Aman Jantan. 2011. An Approach for Identifying Malware Operation and Target Using Run Time Analysis and Resource Monitoring. International Journal of Digital Content Technology and its Applications (JDCTA), ISSN: 1975-9339, Volume 5, Number 8, pp. 169-178, August 2011. Scopus. 10.Mohammad Rasmi, Aman Jantan, 2011. ASAS: Agile Similarity Attack Strategy Model based on Evidence Classification for Network Forensic Attack Analysis. Procedia-Computer Science Journal (ISSN: 1877- 0509). 11.M. Rasmi, Aman Jantan. 2011. AIA: Attack Intention Analysis Algorithm Based on D-S Theory with Causal Technique for Network Forensics - A Case Study. International Journal of Digital Content Technology and its Applications (JDCTA), ISSN: 1975-9339, Vol. 5, No. 9, pp. 230-237, September 2011. Scopus. 12.M. Rasmi and Aman Jantan. 2011. Attack Intention Analysis Model for Network Forensics. J.M. Zain et al. (Eds.): ICSECS 2011, Part II, CCIS 180, pp. 403-411. Scopus. Springer-Link. 13.Mohammad Rasmi, Aman Jantan, Abdulghani Ali Ahmed. Network Forensics Attack-Analysis Model Based on Similarity of Intention. The International Conference on Computer Application and Education Technology (ICCAET, 2011), 3-4 December 2011. Beijing, China. IEEE Computer Society. Scopus. 14.M. Rasmi and Aman Jantan. 2011. A Model for NFAA-Network Forensics Attack Analysis. Proceedings of the 2011 3rd International Conference on Computer Engineering and Technology (ICCET 2011), ISBN: 9780791859735, Kuala Lumpur, pp. 739-747, 17-19 June 2011. Scopus

Empfohlen

Forensic Analysis and Discovery System
Forensic Analysis and Discovery SystemForensic Analysis and Discovery System
Forensic Analysis and Discovery System
Azri Hafiz
 
Intrusion Alert Correlation
Intrusion Alert CorrelationIntrusion Alert Correlation
Intrusion Alert Correlation
amiable_indian
 
Finding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection ExploitsFinding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection Exploits
amiable_indian
 
IDS - Fact, Challenges and Future
IDS - Fact, Challenges and FutureIDS - Fact, Challenges and Future
IDS - Fact, Challenges and Future
amiable_indian
 
504 508
504 508504 508
504 508
Editor IJARCET
 
[IJET-V1I6P6] Authors: Ms. Neeta D. Birajdar, Mr. Madhav N. Dhuppe, Ms. Trupt...
[IJET-V1I6P6] Authors: Ms. Neeta D. Birajdar, Mr. Madhav N. Dhuppe, Ms. Trupt...[IJET-V1I6P6] Authors: Ms. Neeta D. Birajdar, Mr. Madhav N. Dhuppe, Ms. Trupt...
[IJET-V1I6P6] Authors: Ms. Neeta D. Birajdar, Mr. Madhav N. Dhuppe, Ms. Trupt...
IJET - International Journal of Engineering and Techniques
 
O046048187
O046048187O046048187
O046048187
IJERA Editor
 
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
IJCSIS Research Publications
 

Empfohlen

Forensic Analysis and Discovery System
Forensic Analysis and Discovery SystemForensic Analysis and Discovery System
Forensic Analysis and Discovery System
Azri Hafiz
 
Intrusion Alert Correlation
Intrusion Alert CorrelationIntrusion Alert Correlation
Intrusion Alert Correlation
amiable_indian
 
Finding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection ExploitsFinding Diversity In Remote Code Injection Exploits
Finding Diversity In Remote Code Injection Exploits
amiable_indian
 
IDS - Fact, Challenges and Future
IDS - Fact, Challenges and FutureIDS - Fact, Challenges and Future
IDS - Fact, Challenges and Future
amiable_indian
 
504 508
504 508504 508
504 508
Editor IJARCET
 
[IJET-V1I6P6] Authors: Ms. Neeta D. Birajdar, Mr. Madhav N. Dhuppe, Ms. Trupt...
[IJET-V1I6P6] Authors: Ms. Neeta D. Birajdar, Mr. Madhav N. Dhuppe, Ms. Trupt...[IJET-V1I6P6] Authors: Ms. Neeta D. Birajdar, Mr. Madhav N. Dhuppe, Ms. Trupt...
[IJET-V1I6P6] Authors: Ms. Neeta D. Birajdar, Mr. Madhav N. Dhuppe, Ms. Trupt...
IJET - International Journal of Engineering and Techniques
 
O046048187
O046048187O046048187
O046048187
IJERA Editor
 
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
IJCSIS Research Publications
 
Clustering Categorical Data for Internet Security Applications
Clustering Categorical Data for Internet Security ApplicationsClustering Categorical Data for Internet Security Applications
Clustering Categorical Data for Internet Security Applications
IJSTA
 
714 728
714 728714 728
714 728
Editor IJARCET
 
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET Journal
 
Psdot 13 robust data leakage and email filtering system
Psdot 13 robust data leakage and email filtering systemPsdot 13 robust data leakage and email filtering system
Psdot 13 robust data leakage and email filtering system
ZTech Proje
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
ijceronline
 
Testbed For Ids
Testbed For IdsTestbed For Ids
Testbed For Ids
amiable_indian
 
On-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-SystemOn-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-System
Sarah Rudd
 
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
SBGC
 
Intrusion detection using data mining
Intrusion detection using data miningIntrusion detection using data mining
Intrusion detection using data mining
balbeerrawat
 
Network security using data mining concepts
Network security using data mining conceptsNetwork security using data mining concepts
Network security using data mining concepts
Jaideep Ghosh
 
Intrution detection
Intrution detectionIntrution detection
Intrution detection
ingenioustech
 
BIOMETRIC REMOTE AUTHENTICATION
BIOMETRIC REMOTE AUTHENTICATIONBIOMETRIC REMOTE AUTHENTICATION
BIOMETRIC REMOTE AUTHENTICATION
Journal For Research
 
IEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network SecurityIEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network Security
SBGC
 
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network SecurityWhitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Happiest Minds Technologies
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection system
Affine Analytics
 
Hybrid Intrusion Detection System using Weighted Signature Generation over An...
Hybrid Intrusion Detection System using Weighted Signature Generation over An...Hybrid Intrusion Detection System using Weighted Signature Generation over An...
Hybrid Intrusion Detection System using Weighted Signature Generation over An...
Editor IJMTER
 
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATIONCONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
IJNSA Journal
 
Optimised malware detection in digital forensics
Optimised malware detection in digital forensicsOptimised malware detection in digital forensics
Optimised malware detection in digital forensics
IJNSA Journal
 
IRJET- A Survey on Private Messaging based on QR Code using Visual Secret Sha...
IRJET- A Survey on Private Messaging based on QR Code using Visual Secret Sha...IRJET- A Survey on Private Messaging based on QR Code using Visual Secret Sha...
IRJET- A Survey on Private Messaging based on QR Code using Visual Secret Sha...
IRJET Journal
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
Mahmoud Yassin
 
Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec Endpoint Protection 12
Symantec Endpoint Protection 12
Symantec
 
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYCYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
jmical
 

Weitere ähnliche Inhalte

Was ist angesagt?

IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
ijceronline
 
On-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-SystemOn-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-System
Sarah Rudd
 
Intrusion detection using data mining
Intrusion detection using data miningIntrusion detection using data mining
Intrusion detection using data mining
balbeerrawat
 
BIOMETRIC REMOTE AUTHENTICATION
BIOMETRIC REMOTE AUTHENTICATIONBIOMETRIC REMOTE AUTHENTICATION
BIOMETRIC REMOTE AUTHENTICATION
Journal For Research
 
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network SecurityWhitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Happiest Minds Technologies
 
Optimised malware detection in digital forensics
Optimised malware detection in digital forensicsOptimised malware detection in digital forensics
Optimised malware detection in digital forensics
IJNSA Journal
 

Was ist angesagt? (19)

Clustering Categorical Data for Internet Security Applications
Clustering Categorical Data for Internet Security ApplicationsClustering Categorical Data for Internet Security Applications
Clustering Categorical Data for Internet Security Applications
 
714 728
714 728714 728
714 728
 
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
 
Psdot 13 robust data leakage and email filtering system
Psdot 13 robust data leakage and email filtering systemPsdot 13 robust data leakage and email filtering system
Psdot 13 robust data leakage and email filtering system
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
 
Testbed For Ids
Testbed For IdsTestbed For Ids
Testbed For Ids
 
On-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-SystemOn-Analyzing-a-Layered-Defense-System
On-Analyzing-a-Layered-Defense-System
 
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
Network security java ieee projects 2012 @ Seabirds ( Trichy, Pudukkottai, Ta...
 
Intrusion detection using data mining
Intrusion detection using data miningIntrusion detection using data mining
Intrusion detection using data mining
 
Network security using data mining concepts
Network security using data mining conceptsNetwork security using data mining concepts
Network security using data mining concepts
 
Intrution detection
Intrution detectionIntrution detection
Intrution detection
 
BIOMETRIC REMOTE AUTHENTICATION
BIOMETRIC REMOTE AUTHENTICATIONBIOMETRIC REMOTE AUTHENTICATION
BIOMETRIC REMOTE AUTHENTICATION
 
IEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network SecurityIEEE Projects 2012-2013 Network Security
IEEE Projects 2012-2013 Network Security
 
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network SecurityWhitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
Whitepaper- User Behavior-Based Anomaly Detection for Cyber Network Security
 
Deep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection systemDeep Learning based Threat / Intrusion detection system
Deep Learning based Threat / Intrusion detection system
 
Hybrid Intrusion Detection System using Weighted Signature Generation over An...
Hybrid Intrusion Detection System using Weighted Signature Generation over An...Hybrid Intrusion Detection System using Weighted Signature Generation over An...
Hybrid Intrusion Detection System using Weighted Signature Generation over An...
 
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATIONCONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATION
 
Optimised malware detection in digital forensics
Optimised malware detection in digital forensicsOptimised malware detection in digital forensics
Optimised malware detection in digital forensics
 
IRJET- A Survey on Private Messaging based on QR Code using Visual Secret Sha...
IRJET- A Survey on Private Messaging based on QR Code using Visual Secret Sha...IRJET- A Survey on Private Messaging based on QR Code using Visual Secret Sha...
IRJET- A Survey on Private Messaging based on QR Code using Visual Secret Sha...
 

Ähnlich wie Malware Analysis and Prediction System

Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec Endpoint Protection 12
Symantec Endpoint Protection 12
Symantec
 
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYCYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
jmical
 
OSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal SternOSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal Stern
OpenStorageSummit
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
ijceronline
 
Redefining siem to real time security intelligence
Redefining siem to real time security intelligenceRedefining siem to real time security intelligence
Redefining siem to real time security intelligence
Brendaly Marcano
 
Intrusion_Detection_By_loay_elbasyouni
Intrusion_Detection_By_loay_elbasyouniIntrusion_Detection_By_loay_elbasyouni
Intrusion_Detection_By_loay_elbasyouni
Loay Elbasyouni
 
AN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEMAN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEM
Apoorv Pandey
 
Trend micro real time threat management press presentation
Trend micro real time threat management press presentationTrend micro real time threat management press presentation
Trend micro real time threat management press presentation
Andrew Wong
 
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...
IJNSA Journal
 
Stuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedStuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learned
Yury Chemerkin
 

Ähnlich wie Malware Analysis and Prediction System (20)

Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
 
Symantec Endpoint Protection 12
Symantec Endpoint Protection 12Symantec Endpoint Protection 12
Symantec Endpoint Protection 12
 
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYCYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
 
OSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal SternOSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal Stern
 
Distributed Shared Memory on Ericsson Labs
Distributed Shared Memory on Ericsson LabsDistributed Shared Memory on Ericsson Labs
Distributed Shared Memory on Ericsson Labs
 
What's new in​ CEHv11?
What's new in​ CEHv11?What's new in​ CEHv11?
What's new in​ CEHv11?
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
 
Redefining siem to real time security intelligence
Redefining siem to real time security intelligenceRedefining siem to real time security intelligence
Redefining siem to real time security intelligence
 
Intrusion_Detection_By_loay_elbasyouni
Intrusion_Detection_By_loay_elbasyouniIntrusion_Detection_By_loay_elbasyouni
Intrusion_Detection_By_loay_elbasyouni
 
AN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEMAN INTRUSION DETECTION SYSTEM
AN INTRUSION DETECTION SYSTEM
 
Trend micro real time threat management press presentation
Trend micro real time threat management press presentationTrend micro real time threat management press presentation
Trend micro real time threat management press presentation
 
Nebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi VerzeNebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi Verze
 
Sensor Network
Sensor NetworkSensor Network
Sensor Network
 
Minesoft Presentation
Minesoft PresentationMinesoft Presentation
Minesoft Presentation
 
A lightweight secure scheme for detecting
A lightweight secure scheme for detectingA lightweight secure scheme for detecting
A lightweight secure scheme for detecting
 
Double guard synopsis
Double guard synopsisDouble guard synopsis
Double guard synopsis
 
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...
COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL NEURAL NETWO...
 
Malware Detection Approaches using Data Mining Techniques.pptx
Malware Detection Approaches using Data Mining Techniques.pptxMalware Detection Approaches using Data Mining Techniques.pptx
Malware Detection Approaches using Data Mining Techniques.pptx
 
IDS / IPS Survey
IDS / IPS SurveyIDS / IPS Survey
IDS / IPS Survey
 
Stuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedStuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learned
 

Kürzlich hochgeladen

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Kürzlich hochgeladen (20)

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

Malware Analysis and Prediction System

  • 1. Prepared by: Security and Forensic Research Group School of Computer Sciences Universiti Sains Malaysia
  • 2.
  • 3.
  • 4. General Incident Report Statistic 2012
  • 5.
  • 6. Forensic Module Anti Malware Module server LAN Network internet End User Evidence And Report Prediction System Malware MAPS Evidence Analysis Repository
  • 7. MAPS Prevention Prediction Malware Forensic Advanced Detection Identification Basic Filtering Filtering Classification Evidence Storage Database Updated Report Generated Signature Database
  • 8. MAPS Server Client Side Side Anti- IDS Notification Identifier Analyser Forensic Hacking Send Store packet Network Malware Filtering notification Detection in .txt Tracer Analysis Analysis email Upload to host Malware Source Prevention Report database Prediction Destination Download from remote Get data from text file and database and store in store in sandbox database sandbox database Save filtered output Filter function based on and create report user / self define rules
  • 9.
  • 10.
  • 11. Function MAPS Kaspersky Avira (Internet Security) Prediction ability to detect malware’s attack Malware analysis Forensic tools Signature database Online repository Multiple database
  • 12.
  • 14. Function Avira Kaspersky MAPS (Internet Security) Free Version Premium Version RM 59.00 RM 99.00 RM 75.00 Server RM 198.00 RM 160.00 RM 170.00 Forensic Module FREE with server packages
  • 15. hard code programming efficiency on database and computer memory management on future attack of Malware easy to be used on any machine
  • 16.
  • 17. Grant : FRGS Title : Malware Behavioral Analysis for Better Identification and Classification International – Scientific Research Book Publication : 1. Mohammad Bani Younes and Aman Jantan, “Image Encryption Using Block-Based Transformation Algorithm: Image Encryption and Decryption Process Using Block-Based Transformation Algorithm”. LAP LAMBERT Academic Publishing (October 9, 2011). ISBN-10: 3846512729, ISBN-13: 978-3846512722, Paperback: 176 pages. Language: English International Journal and Journal Proceedings 2. Abdulghani Ali Ahmed, Aman Jantan, Wan Tat Chee. 2011. SLA-Based Complementary Approach for Network Intrusion Detection. The International Journal for the Computer and Telecommunications Industry, Elsevier, ISSN: 0140-3664, Vol. 34, Issue 14, pp. 1738-1749, 1 September 2011. ISI/Scopus. Impact Factor 0.933. doi:10.1016/j.comcom.2011.03.013. 3. Abdulghani Almohimid, Aman Jantan, Mohammed Rasmi. 2012. Service violation monitoring model for detecting and tracing bandwidth abuse. Journal of Network and Systems Management (JONS). Impact Factor (2011): 1.356 (Q1 in Telecommunications and Q2 in Computer Science, Information Systems) Manuscript No. DOI 0.1007/s10922-012-9236-2 4. Mohamad Fadli Zolkipli and Aman Jantan, "A Framework for Malware Detection Using Combination Technique and Signature Generation," Second International Conference on Computer Research and Development, ICCRD 2010; IEEE Computer Society, pp. 196-199. DOI 10.1109/ICCRD.2010.25. Scopus. 5. Zolkipli, Mohamad Fadli and Aman Jantan. "Malware Behavior Analysis: Learning and Understanding Current Malware Threats," Network Applications Protocols and Services (NETAPPS), 2010 Second International Conference on , vol., no., pp.218-221, 22-23 Sept. 2010. DOI: 10.1109/NETAPPS.2010.46. Scopus.
  • 18.
  • 19. 6. Mohamad Fadli Zolkipli, Aman Jantan. 2011. An Approach for Malware Behavior Identification and Classification. Proceedings of the 2011 3rd International Conference on Computer Research and Development (ICCRD 2011), ISBN: 978-161284837-2, Shanghai, China, pp. 191-194, 11-15 March 2011. Scopus. 7. Mohamad Fadli Zolkipli and Aman Jantan. 2011. A Framework for Defining Malware Behavior Using Run Time Analysis and Resource Monitoring. J.M. Zain et al. (Eds.): ICSECS 2011, Part I, CCIS 179, pp. 199-209. Scopus. Springer-Link. 8. Mohd. Najwadi Yusoff and Aman Jantan. 2011. A Framework for Optimizing Malware Classification by Using Genetic Algorithm. J.M. Zain et al. (Eds.): ICSECS 2011, Part II, CCIS 180, pp. 58-72. Scopus. Springer- Link. 9. Mohamad Fadli Zolkipli, Aman Jantan. 2011. An Approach for Identifying Malware Operation and Target Using Run Time Analysis and Resource Monitoring. International Journal of Digital Content Technology and its Applications (JDCTA), ISSN: 1975-9339, Volume 5, Number 8, pp. 169-178, August 2011. Scopus. 10.Mohammad Rasmi, Aman Jantan, 2011. ASAS: Agile Similarity Attack Strategy Model based on Evidence Classification for Network Forensic Attack Analysis. Procedia-Computer Science Journal (ISSN: 1877- 0509). 11.M. Rasmi, Aman Jantan. 2011. AIA: Attack Intention Analysis Algorithm Based on D-S Theory with Causal Technique for Network Forensics - A Case Study. International Journal of Digital Content Technology and its Applications (JDCTA), ISSN: 1975-9339, Vol. 5, No. 9, pp. 230-237, September 2011. Scopus. 12.M. Rasmi and Aman Jantan. 2011. Attack Intention Analysis Model for Network Forensics. J.M. Zain et al. (Eds.): ICSECS 2011, Part II, CCIS 180, pp. 403-411. Scopus. Springer-Link. 13.Mohammad Rasmi, Aman Jantan, Abdulghani Ali Ahmed. Network Forensics Attack-Analysis Model Based on Similarity of Intention. The International Conference on Computer Application and Education Technology (ICCAET, 2011), 3-4 December 2011. Beijing, China. IEEE Computer Society. Scopus. 14.M. Rasmi and Aman Jantan. 2011. A Model for NFAA-Network Forensics Attack Analysis. Proceedings of the 2011 3rd International Conference on Computer Engineering and Technology (ICCET 2011), ISBN: 9780791859735, Kuala Lumpur, pp. 739-747, 17-19 June 2011. Scopus