Automatically Identifying Trigger-based Behavior in Malware

by David Brumley, Cody Hartwig, Zhenkai Liang, James Newsome, Dawn Song, Heng Yin


In this chapter, we propose that automatic analysis of trigger-based behavior in malware is possible. In particular, we design an approach for automatic trigger-based behavior detection and analysis using dynamic binary instrumentation and mixed concrete and symbolic execution. Our approach shows that in many cases we can: (1) detect the existence of trigger-based behavior, (2) find the conditions that trigger such hidden behavior, and (3) find inputs that satisfy those conditions, allowing us to observe the triggered malicious behavior in a controlled environment. We have implemented MineSweeper, a system utilizing this approach. In our experiments, MineSweeper has successfully identified trigger-based behavior in real-world malware. Although there are many challenges presented by automatic trigger-based behavior detection, MineSweeper shows us that such automatic analysis is possible and encourages future work in this area.
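The three steps in the abstract, shown as an added toy example (not code from the paper or from MineSweeper): trigger inputs carry a concrete value and a symbolic name, each run records the branch predicates it passed, and one predicate is negated and solved to reach the other side. The names `Sym`, `solve`, `explore` and `sample` are hypothetical, only `==` and `>=` against constants are modelled, and a brute-force search over small integer domains stands in for a real constraint solver.

```python
from itertools import product

TRACE = []  # branch predicates observed during the current run

class Sym:
    """Trigger input: a concrete value for execution plus a symbolic name."""
    def __init__(self, name, value):
        self.name, self.value = name, value
    def _branch(self, op, const, taken):
        TRACE.append((self.name, op, const, taken))  # record the path predicate
        return taken                                  # execution stays concrete
    def __eq__(self, c): return self._branch("==", c, self.value == c)
    def __ge__(self, c): return self._branch(">=", c, self.value >= c)

OPS = {"==": lambda a, b: a == b, ">=": lambda a, b: a >= b}

def solve(preds, domains):
    """Assumed stand-in for a solver: first assignment satisfying all predicates."""
    names = sorted(domains)
    for values in product(*(domains[n] for n in names)):
        env = dict(zip(names, values))
        if all(OPS[op](env[n], c) == taken for n, op, c, taken in preds):
            return env
    return None

def explore(program, domains, seed):
    """Run, record the path, negate each branch in turn, solve, rerun."""
    worklist, seen, results = [seed], set(), {}
    while worklist:
        env = worklist.pop()
        TRACE.clear()
        behavior = program(**{n: Sym(n, v) for n, v in env.items()})
        path = tuple(TRACE)
        if path in seen:
            continue
        seen.add(path)
        # (1) a new behavior, (2) its trigger condition, (3) an input reaching it
        results.setdefault(behavior, (env, path))
        for i, (n, op, c, taken) in enumerate(path):
            flipped = list(path[:i]) + [(n, op, c, not taken)]
            new_env = solve(flipped, domains)
            if new_env is not None:
                worklist.append(new_env)
    return results

def sample(month, day):  # constructed toy standing in for the analyzed binary
    if month == 11 and day >= 9:
        return "hidden"
    return "benign"
```

Calling `explore(sample, {"month": range(1, 13), "day": range(1, 32)}, {"month": 1, "day": 1})` starts from an input that never reaches the hidden branch and returns, for each behavior, one input that reaches it and the predicates on that path.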