Using Dynamic Taint Approach for of Malware Threat

Ping Wang*, Wen-Hui Lin, Wun Jie Chao, Kuo-Ming Chao, Chi-Chun Lo

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Scopus citations

Abstract

Most existing approaches focus on examining the values are dangerous for information flow within inter-suspicious modules of cloud applications (apps) in a host by using malware threat analysis, rather than the risk posed by suspicious apps were connected to the cloud computing server. Accordingly, this paper proposes a taint propagation analysis model incorporating a weighted spanning tree analysis scheme to track data with taint marking using several taint checking tools. In the proposed model, Android programs perform dynamic taint propagation to analyse the spread of and risks posed by suspicious apps were connected to the cloud computing server. In determining the risk of taint propagation, risk and defence capability are used for each taint path for assisting a defender in recognising the attack results against network threats caused by malware infection and estimate the losses of associated taint sources. Finally, a case of threat analysis of a typical cyber security attack is presented to demonstrate the proposed approach. Our approach verified the details of an attack sequence for malware infection by incorporating a finite state machine (FSM) to appropriately reflect the real situations at various configuration settings and safeguard deployment. The experimental results proved that the threat analysis model allows a defender to convert the spread of taint propagation to loss and practically estimate the risk of a specific threat by using behavioural analysis with real malware infection.
Original languageEnglish
Title of host publication2015 IEEE 12TH INTERNATIONAL CONFERENCE ON E-BUSINESS ENGINEERING (ICEBE)
Pages408-416
DOIs
StatePublished - 2015
Event12th IEEE International Conference on e-Business Engineering (ICEBE) - Beijing, China
Duration: 23 Oct 201525 Oct 2015

Publication series

Name2015 IEEE 12TH INTERNATIONAL CONFERENCE ON E-BUSINESS ENGINEERING (ICEBE)

Conference

Conference12th IEEE International Conference on e-Business Engineering (ICEBE)
CountryChina
CityBeijing
Period23/10/1525/10/15

Keywords

  • Threat analysis; Malware behavioural analysis; Dynamic taint propagation; Finite state machine

Fingerprint Dive into the research topics of 'Using Dynamic Taint Approach for of Malware Threat'. Together they form a unique fingerprint.

Cite this