Journal of Jilin University (Engineering and Technology Edition), 2013, Vol. 43, Issue (03): 718-726. doi: 10.7964/jdxbgxb201303027


Multiple execution paths for virus based on cloud computing

MENG Chao1, SUN Zhi-xin1,2, LIU San-min1,3   

  1. College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 210016, China;
  2. Key Laboratory of Broadband Wireless Communication and Sensor Network Technology, Nanjing University of Posts and Telecommunications, Ministry of Education, Nanjing 210003, China;
  3. College of Computer and Information, Anhui Polytechnic University, Wuhu 241000, China
  • Received: 2012-04-23 Online: 2013-05-01 Published: 2013-05-01

Abstract:

Virus analysis is the process of determining the purpose and functionality of a given virus sample. The current problem is that dynamic virus analysis tools can only analyze a single program execution on a single computer system, so the error rate is high. A new analysis model is proposed that can use the abundant resources of a cloud computing system. It makes it possible to explore multiple execution paths and identify malicious actions that are executed only when certain conditions are met. Experiments are carried out on the open-source cloud software Eucalyptus. Results show that the proposed model can detect the existence of trigger-based behavior, find the trigger conditions of such hidden behavior, and identify the inputs satisfying those conditions. Its performance is superior to that of a single computer system.

Key words: computer application, cloud computing, cloud security, virus analysis, behavioral analysis

CLC Number: TP393

