Behavior-Based Spyware Detection, Manuel Egele (9783639022063) — Readings Books
Behavior-Based Spyware Detection
Paperback

$73.99

This title is printed to order. This book may have been self-published. If so, we cannot guarantee the quality of the content. In the main, most books will have gone through the editing process; however, some may not. We therefore suggest that you be aware of this before ordering this book. If in doubt, check either the author's or publisher's details, as we are unable to accept any returns unless they are faulty. Please contact us if you have any questions.

Generating good signatures for the current anti-spyware toolkits and deploying them in a timely fashion is a demanding task. Even if the signatures are up to date, signature-based detection techniques usually suffer from the inability to detect novel and unknown threats. We believe that behavior-based approaches are capable of overcoming this drawback. To this end, we implemented TQAna. Our tool is based on taint analysis and function call hooking to provide dynamic analysis that is carried out on an emulated system. Taint analysis, as implemented with TQAna, provides the ability to track data throughout the whole system at the hardware level. The observed functions cover most aspects of the Windows operating system, such as network and file system access, shared memory, or the dynamic loader. This book addresses system and security researchers in the fields of operating systems and malicious software analysis.


Format: Paperback
Publisher: VDM Verlag Dr. Mueller E.K.
Country: Germany
Date: 14 May 2008
Pages: 76
ISBN: 9783639022063
