Abstract
Cybercrime has rapidly developed in recent years and malware is one of the major security threats in computer which have been in existence from the very early days. There is a lack of understanding of such malware threats and what mechanisms can be used in implementing security prevention as well as to detect the threat. The main contribution of this paper is a step towards addressing this by investigating the different techniques adopted by obfuscated malware as they are growingly widespread and increasingly sophisticated with zero-day exploits. In particular, by adopting certain effective detection methods our investigations show how cybercriminals make use of file system vulnerabilities to inject hidden malware into the system. The paper also describes the recent trends of Zeus botnets and the importance of anomaly detection to be employed in addressing the new Zeus generation of malware.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Herrera-Flanigan, J.R., Ghosh, S.: Criminal Regulations. In: Ghosh, S., Turrini, E. (eds.) Cybercrimes: A Multidisciplinary Analysis, pp. 265–308. Springer, Heidelberg (2010)
Alazab, M., Venkataraman, S., Watters, P.: Effective digital forensic analysis of the NTFS disk image. Ubiquitous Computing and Communication Journal 4, 551–558 (2009)
RSA: The Current State of Cybercrime and What to Expect in 2011. RSA 2011 cybercrime trends report (2011)
Venkatraman, S.: Autonomic Context-Dependent Architecture for Malware Detection. In: Proceedings of International Conference on e-Technology, International Business Academics Consortium, Singapore, pp. 2927–2947 (2009)
Alperovitch, D., Dirro, T., Greve, P., Kashyap, R., Marcus, D., Masiello, S., Paget, F., Schmugar, C.: McAfee Labs - 2011 Threats Predictions. McAfee, Inc. (2011)
Jahankhani, H., Al-Nemrat, A.: Global E-Security. Communications in Computer and Information Science. In: Jahankhani, H., Revett, K., Palmer-Brown, D. (eds.) ICGeS 2008. CCIS, vol. 12, pp. 3–9. Springer, Heidelberg (1974)
Jahankhani, H., Al-Nemrat, A.: Examination of Cyber-criminal Behaviour. International Journal of Information Science and Management, 41–48 (2010)
Alazab, M., Venkataraman, S., Watters, P.: Towards Understanding Malware Behaviour by the Extraction of API Calls. In: Second Cybercrime and Trustworthy Computing Workshop, pp. 52–59. IEEE Computer Society, Victoria (2010)
Komisarczuk, P.: Web Attack: WHO ARE WE FIGHTING? Dealing with threats is one thing, finding them is another. The manazine of the BSC security forum, ISNOW (Autumn 2010)
Cukier, M.: Study Documents Rate, Nature of Hacker Attacks. IT Pro. (2007)
Daniel, J.: Internet Security - the Threats Are Very Real. Educators’ eZine (2007)
BitDefender Antivirus Technology, white paper (2010), http://www.bitdefender.com/files-/Main/file/BitDefender_Antivirus_Technology.pdf
Symantec Enterprise Security: Symantec Global Internet Security, Security Threat Report, Trend for 2009, vol. XV (2010)
Symantec Enterprise Security: Symantec Report on Attack Kits and Malicious Websites. White paper (2011)
Banking malware zeus sucessfully bypasses anti-virus detection (2011), http://ecommerce-journal.com/news/18221_zeus_increasingly_avoids_pcs_detection
SPAMfighter News: Seculert Finds Fresh Malware Combining Zeus And SpyEye (2011), http://www.spamfighter.com/Seculert-Finds-Fresh-Malware-Combining-Zeus-And-SpyEye-15773-News.htm
SPAMfighter News: Alliance of ZeuS-SpyEye Resulting in the Publication of First Toolkit in the Underground Market (2011), http://www.spamfighter.com
Venkatraman, S.: Self-Learning Framework for Intrusion Detection. In: Proceedings of The 2010 International Congress on Computer Applications and Computational Science (CACS 2010), Singapore, pp. 517–520 (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Alazab, M., Venkatraman, S., Watters, P., Alazab, M., Alazab, A. (2012). Cybercrime: The Case of Obfuscated Malware. In: Georgiadis, C.K., Jahankhani, H., Pimenidis, E., Bashroush, R., Al-Nemrat, A. (eds) Global Security, Safety and Sustainability & e-Democracy. e-Democracy ICGS3 2011 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 99. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33448-1_28
Download citation
DOI: https://doi.org/10.1007/978-3-642-33448-1_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33447-4
Online ISBN: 978-3-642-33448-1
eBook Packages: Computer ScienceComputer Science (R0)