Using Dynamic Taint Approach for Malware Threat

P. Wang, W-H. Lin, W-J. Chao, Kuo-Ming Chao, C-C. Lo

Research output: Contribution to conferencePaper

2 Citations (Scopus)

Abstract

Most existing approaches focus on examining the values are dangerous for information flow within inter-suspicious modules of cloud applications (apps) in a host by using malware threat analysis, rather than the risk posed by suspicious apps were connected to the cloud computing server. Accordingly, this paper proposes a taint propagation analysis model incorporating a weighted spanning tree analysis scheme to track data with taint marking using several taint checking tools. In the proposed model, Android programs perform dynamic taint propagation to analyse the spread of and risks posed by suspicious apps were connected to the cloud computing server. In determining the risk of taint propagation, risk and defence capability are used for each taint path for assisting a defender in recognising the attack results against network threats caused by malware infection and estimate the losses of associated taint sources. Finally, a case of threat analysis of a typical cyber security attack is presented to demonstrate the proposed approach. Our approach verified the details of an attack sequence for malware infection by incorporating a finite state machine (FSM) to appropriately reflect the real situations at various configuration settings and safeguard deployment. The experimental results proved that the threat analysis model allows a defender to convert the spread of taint propagation to loss and practically estimate the risk of a specific threat by using behavioural analysis with real malware infection.
Original languageEnglish
Pages408 - 416
DOIs
Publication statusPublished - 2015
EventIEEE 12th International Conference on e-Business Engineering - Beijing, China
Duration: 23 Oct 201525 Oct 2015

Conference

ConferenceIEEE 12th International Conference on e-Business Engineering
Abbreviated titleICEBE
CountryChina
CityBeijing
Period23/10/1525/10/15

Keywords

  • Dynamic taint propagation
  • Finite state machine
  • Malware behavioural analysis
  • Threat analysis

Fingerprint Dive into the research topics of 'Using Dynamic Taint Approach for Malware Threat'. Together they form a unique fingerprint.

Cite this