Malware, encryption, and rerandomization – everything is under attack


Abstract

A malware author constructing malware wishes to infect a specific location in the network. The author will then infect n initial nodes with n different variations of his malicious code. The malware continues to infect subsequent nodes in the network by making similar copies of itself. An analyst defending M nodes in the network observes N infected nodes with some malware and wants to know if any sample is targeting any of his nodes. To reduce his work, the analyst need only look at unique malware samples. We show that by encrypting the malware payload and using rerandomization to replicate malware, we can make the N observed malware samples distinct and increase the analyst’s work factor substantially.

Cite

Galteland, H., & Gjøsteen, K. (2017). Malware, encryption, and rerandomization – everything is under attack. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10311 LNCS, pp. 233–251). Springer Verlag. https://doi.org/10.1007/978-3-319-61273-7_12
