On Second-Order Detection of Webcam Spyware
Publication type: Proceedings Article
Publication date: 2020-03-01
Abstract
Second-order detection of malware is frequently more effective than traditional malware detection in that it operates on the basis of a heavily influenced malware behavior. In this paper, we advance second-order detection of webcam spyware through an approach that aims at reaching their behavior at a greater than before depth. We propose decoy user space activity, along with a case study of it, namely a decoy security protocol, to involve malware in a series of interactions that lead them towards accessing a decoy I/O device, i.e. a decoy webcam in this case. In practical terms, decoy user space activity is delivered by a coherent ensemble of decoy I/O devices and decoy processes. This work makes decoy user space activity and decoy I/O indistinguishable from their real counterparts, and therefore increases uncertainty in malware operations on a compromised machine to benefit their detection.
Found
Found
Top-30
Journals
|
1
|
|
|
Computers and Security
1 publication, 50%
|
|
|
1
|
Publishers
|
1
|
|
|
Institute of Electrical and Electronics Engineers (IEEE)
1 publication, 50%
|
|
|
Elsevier
1 publication, 50%
|
|
|
1
|
- We do not take into account publications without a DOI.
- Statistics recalculated only for publications connected to researchers, organizations and labs registered on the platform.
- Statistics recalculated weekly.
Are you a researcher?
Create a profile to get free access to personal recommendations for colleagues and new articles.