Abstract : We propose a solution which provides a system operator with a mechanism that enables tracking and tracing of malware behavior which – in consequence – leads to its detection and neutralization. The detection is performed in two steps. Firstly single malicious activities are identified and filtered out. As they come from the identification module, they are compared with malware models constructed in the form of Colored Petri nets. In this article we present our approach to malware modeling. Proposed method was implemented and practically verified in laboratory environment with emulated malicious activity at the hosts level.
https://hal.inria.fr/hal-01405661 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Wednesday, November 30, 2016 - 11:27:53 AM Last modification on : Thursday, October 4, 2018 - 10:12:02 PM Long-term archiving on: : Monday, March 27, 2017 - 7:49:49 AM
Bartosz Jasiul, Marcin Szpyrka, Joanna Śliwa. Malware Behavior Modeling with Colored Petri Nets. 13th IFIP International Conference on Computer Information Systems and Industrial Management (CISIM), Nov 2014, Ho Chi Minh City, Vietnam. pp.667-679, ⟨10.1007/978-3-662-45237-0_60⟩. ⟨hal-01405661⟩