
An Experimental Approach to Unravel Effects of Malware on System Network Interface

  • Sikiru Olanrewaju Subairu
  • John Alhassan
  • Sanjay Misra (corresponding author)
  • Olusola Abayomi-Alli
  • Ravin Ahuja
  • Robertas Damasevicius
  • Rytis Maskeliunas
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 612)

Abstract

Malware is malicious code that seeks to take control of a system remotely. Its author drops a malicious payload onto a vulnerable system and then maintains access to that system at will. To unravel and establish the ability of rootkits to hide a system's network interfaces, we developed a network model and implemented it against four notable live rootkits. Our results show that all four rootkits are able to hide the system network interfaces that attackers use to gain access to, and communicate with, the compromised system.

Keywords

Malware; Malicious code; Network interface; Rootkit


Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  • Sikiru Olanrewaju Subairu (1)
  • John Alhassan (1)
  • Sanjay Misra (2), corresponding author
  • Olusola Abayomi-Alli (2)
  • Ravin Ahuja (3)
  • Robertas Damasevicius (4)
  • Rytis Maskeliunas (4)

  1. Department of Cyber Security, Federal University of Technology, Minna, Nigeria
  2. Center of ICT/ICE Research, CUCRID, Covenant University, Ota, Nigeria
  3. Vishwakarma Skill University, Gurugram, Haryana, India
  4. Kaunas University of Technology, Kaunas, Lithuania
