Wednesday, 30 October 2013

Journal of Information Warfare

After the 12th annual European Conference on Cyber Warfare and Security (ECCWS), formerly known as the European Conference on Information Warfare and Security (ECIW) [1], held in July 2013 at the University of Jyvaskyla in Finland, the Journal of Information Warfare (JIW) [2] selected a few papers that stood out during the conference and invited the authors to submit updated versions for the JIW (Volume 12, Issue 3). The title of the updated paper was Antivirus False-Positive Alerts, Evading Malware Detection, and Cyber-security Issues [3].

The continuous development of evolving malware types creates a need to study and understand how antivirus products detect and alert users. This paper investigates today’s antivirus solutions and how their false-positive alerts affect software development and the distribution process. The authors discuss and demonstrate how antivirus detection deals with bespoke applications and how this can be reversed and manipulated to evade detection, allowing the process to be used by malicious software developers. The paper also demonstrates how an undetected malicious piece of software can be developed without using advanced hiding techniques, which will also be capable of overcoming reputation-based detection systems.

