As the internet environment has developed in recent years, the threats and damage from malicious code have been increasing day by day. Most of the damage is caused by new and variant malicious code because of the vulnerability of endpoints. Most anti-virus products used on endpoints are signature-based, and as malicious code becomes more intelligent, the detection rate of existing anti-virus products is declining. Therefore, there is a need for technology capable of handling new and variant malicious code in real time on the endpoint. In this paper, we present a method for analyzing the behavior of malicious code using behavioral analysis of the Windows kernel function call sequence.
Shin, K., & Won, Y. (2018). Study on malicious code behavior detection using windows filter driver and API call sequence. In Lecture Notes in Electrical Engineering (Vol. 474, pp. 938–943). Springer Verlag. https://doi.org/10.1007/978-981-10-7605-3_149