Versenden
Drucken
Scheidweiler, Nils und Schäfer, André und Amme, Wolfram und Heinze, Thomas (2021) Using Clone Detection for Finding Signatures of Malware Families: A Case Study on FinSpy. In: 2nd IEEE International Conference on Autonomic Computing and Self-Organizing Systems, ACSOS 2021. IEEE. SPS 2021, 27. September 2021, Virtueller Workshop. doi: 10.1109/ACSOS-C52956.2021.00063. ISBN 978-166541261-2. (im Druck)
![[img]](https://elib.dlr.de/style/images/fileicons/application_pdf.png) |
PDF
- Nur DLR-intern zugänglich
228kB |
Kurzfassung
Code reuse is a frequent practice in malware development and finding code similar to known malware can thus be a promising strategy for malware detection. In this paper, we analyze the use of the clone detector StoneDetector for finding Android malware. To this end, signatures of known malware are generated and used to look for suspicious code fragments in Android APK packages. Feasibility of the approach is shown for a case study on samples of the FinSpy malware family.
| elib-URL des Eintrags: | https://elib.dlr.de/144763/ | ||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Dokumentart: | Konferenzbeitrag (Vortrag) | ||||||||||||||||||||
| Titel: | Using Clone Detection for Finding Signatures of Malware Families: A Case Study on FinSpy | ||||||||||||||||||||
| Autoren: |
| ||||||||||||||||||||
| Datum: | 2021 | ||||||||||||||||||||
| Erschienen in: | 2nd IEEE International Conference on Autonomic Computing and Self-Organizing Systems, ACSOS 2021 | ||||||||||||||||||||
| Referierte Publikation: | Ja | ||||||||||||||||||||
| Open Access: | Nein | ||||||||||||||||||||
| Gold Open Access: | Nein | ||||||||||||||||||||
| In SCOPUS: | Ja | ||||||||||||||||||||
| In ISI Web of Science: | Nein | ||||||||||||||||||||
| DOI: | 10.1109/ACSOS-C52956.2021.00063 | ||||||||||||||||||||
| Verlag: | IEEE | ||||||||||||||||||||
| ISBN: | 978-166541261-2 | ||||||||||||||||||||
| Status: | im Druck | ||||||||||||||||||||
| Stichwörter: | Clone detection, Malware detection, Malware signatures, FinSpy, FinFisher | ||||||||||||||||||||
| Veranstaltungstitel: | SPS 2021 | ||||||||||||||||||||
| Veranstaltungsort: | Virtueller Workshop | ||||||||||||||||||||
| Veranstaltungsart: | Workshop | ||||||||||||||||||||
| Veranstaltungsdatum: | 27. September 2021 | ||||||||||||||||||||
| HGF - Forschungsbereich: | Luftfahrt, Raumfahrt und Verkehr | ||||||||||||||||||||
| HGF - Programm: | Raumfahrt | ||||||||||||||||||||
| HGF - Programmthema: | Technik für Raumfahrtsysteme | ||||||||||||||||||||
| DLR - Schwerpunkt: | Raumfahrt | ||||||||||||||||||||
| DLR - Forschungsgebiet: | R SY - Technik für Raumfahrtsysteme | ||||||||||||||||||||
| DLR - Teilgebiet (Projekt, Vorhaben): | R - Intelligente Analysen und Methoden zur sicheren Softwareentwicklung | ||||||||||||||||||||
| Standort: | Jena | ||||||||||||||||||||
| Institute & Einrichtungen: | Institut für Datenwissenschaften > Sichere Digitale Systeme | ||||||||||||||||||||
| Hinterlegt von: | Heinze, Thomas | ||||||||||||||||||||
| Hinterlegt am: | 27 Okt 2021 15:39 | ||||||||||||||||||||
| Letzte Änderung: | 18 Aug 2022 13:29 |
Nur für Mitarbeiter des Archivs: Kontrollseite des Eintrags
