Host-Based Code Injection Attacks (HBCIAs) are a technique that malicious software uses to avoid detection or steal sensitive information. In a nutshell, an HBCIA is a local attack in which code is injected across process boundaries and executed in the context of a victim process. Malware employs HBCIAs on several operating systems, including Windows, Linux, and macOS. This thesis investigates HBCIAs in the context of malware. First, we conduct basic research on the topic: we formalize HBCIAs in the context of malware and show in several measurements, among other findings, the high prevalence of HBCIA-utilizing malware. Second, we present Bee Master, a platform-independent approach to dynamically detect HBCIAs. This approach ...
35 pages. This chapter studies the activities of cyber attackers on a large scale honeypot running for...
Honeypots are computers specifically deployed to be a resource that is expected to be attacked or co...
Various vulnerabilities in software applications become easy targets for attackers. The trend consta...
Common goals of malware authors are detection avoidance and gathering of critical information. There...
A technique commonly used by malware for hiding on a targeted system is the host-based code injectio...
Abstract—Detecting unknown malicious code (malcode) is a challenging task. Current common solutions,...
In contrast to most benign applications, malware infects its host system. It does so via system-wide...
Malicious code is a threat to computer systems globally. In this paper, we outline the evolution of ...
Today's most widely exploited applications are the web browsers and document readers we use every da...
In recent years, malware has emerged as a critical security threat. Additionally, malware authors co...
Harvard architecture CPU design is common in the embedded world. Examples of H...
Exploits that successfully attack computers are mostly based on some form of shellcode, i.e., illegi...
We introduce BotSwindler, a bait injection system designed to delude and detect crimeware by forcing...
Computer security attacks evolve to evade deployed defenses. Recent attacks have ranged from exploi...
Document-based code injection attacks, where-in malicious code (coined shellcode) is embedded in a d...