An Online Detection System for Advanced Malware Based on Virtual Execution Technology

doi:10.3969/j.issn.1671-1122.2016.01.006

Netinfo Security ›› 2016, Vol. 16 ›› Issue (1): 29-33.doi: 10.3969/j.issn.1671-1122.2016.01.006

• Orginal Article • Previous Articles Next Articles

An Online Detection System for Advanced Malware Based on Virtual Execution Technology

Shengjun ZHENG^1,², Longhua GUO²(), Jian CHEN³, Shujun NAN¹

1. Beijing GuoDianTong Network Technology Co., Ltd, Beijing 100070, China
2. Shanghai JiaoTong University, Shanghai 200240, China
3. Information and Telecommunication Branch of State Grid Zhejiang Electric Power Company, Hangzhou Zhejiang 310007, China

Received:2015-11-01 Online:2016-01-01 Published:2020-05-13

Abstract

Abstract:

The current mainstream of malware detection technologies includes sandbox technologies which are mainly based on malware behavior analysis. However, with the continuous development of network attack techniques, advanced malware technology will hide their malicious behavior through multi-state and deformation. In order to protect the information security of the smart grid, this paper presents an advanced online malware detection system based on virtual execution technology. The detection system increases a dynamic detection engine as well as in support of the traditional static test. Dynamic detection engine can detect advanced malware attacks through observation and analysis the changes of instruction and memory properties in depth using a virtual execution technology which is different from the traditional sandbox detection. Smart grid can effectively avoid suffering from advanced malware attacks if the online testing system is used in smart grid.

Key words: advanced malware, virtual execution, online detection, smart grid

CLC Number:

TP309

Shengjun ZHENG, Longhua GUO, Jian CHEN, Shujun NAN. An Online Detection System for Advanced Malware Based on Virtual Execution Technology[J]. Netinfo Security, 2016, 16(1): 29-33.

Figures/Tables 7

References 7

[1]	熊海军,王晓辉,朱永利,等.IEC 61850智能电子设备交互实时性建模与验证[J] . 电力系统自动化,2014(19):90-95.
[2]	任伟,赵俊阁.智能电网安全架构与分析[J].信息网络安全, 2012(8) :178-181.
[3]	熊海军,朱永利,张凡,等.基于行为树的IEC 61850智能电子设备互操作性描述与验证[J]. 电力系统自动化,2013(24):66-71.
[4]	兰芸,李宝林. 木马恶意软件的电子数据勘查与取证分析初探[J]. 信息网络安全,2014(5): 87-91.
[5]	QIU H Y, OSORIO F.Static Malware Detection with Segmented Sandboxing[C]// IEEE Computer Society. The 8th International Conference on Malicious and Unwanted Software, Fajardo. New York: IEEE, 2013: 132-141.
[6]	王志强,龚小刚,王红凯,等. 智能电网信息安全防御实践[J]. 信息网络安全,2013(10):60-62.
[7]	WRENCH, PETER M, IRWIN, et al. Towards a Sandbox for the Deobfuscation and Dissection of PHP Malware[C] // IEEE Computer Society. Information Security for South Africa (ISSA), Johannesburg. New York: IEEE, 2014: 1-8.

[1]	Wei DONG, Yonggang LI. Research on Analysis of Attacks on Smart Grid Network Based on Complex Network [J]. Netinfo Security, 2020, 20(1): 52-60.
[2]	Yuling LIU, Yunshan TANG, Qi ZHANG, Feng LI. Power Dispatch Software Security Situation Assessment Method [J]. Netinfo Security, 2019, 19(8): 15-21.
[3]	Quan ZHOU, Shumei XU, Ningbin YANG. A Privacy Protection Scheme for Smart Grid Based on Attribute-based Group Signature [J]. Netinfo Security, 2019, 19(7): 25-30.
[4]	Meihong LI, Xiaochen QI, Qianqian WU. Smart Grid Wireless Communication Data Encryption Transmission Scheme Based on Dynamic Key [J]. Netinfo Security, 2019, 19(12): 10-21.
[5]	Xiuxia TIAN, Xi CHEN, Fuliang TIAN. Community Distributed Power Security Transaction Scheme Based on Blockchain [J]. Netinfo Security, 2019, 19(1): 51-58.
[6]	Liang LI, Yinghui ZHANG, Kaixin DENG, Tiantian ZHANG. Privacy-aware Power Injection in 5G Smart Grid [J]. Netinfo Security, 2018, 18(12): 87-92.
[7]	Yang CHEN, Yong WANG, Wei SUN. A YARN-based Smart Grid Big Data Abnormal Detection [J]. Netinfo Security, 2017, 17(7): 11-17.
[8]	NIU Pengfei, ZHANG Jian, CHANG Qing, GU Zhaojun. Research and Design on Abnormal Behavior Online Detection Platform Based on Xen [J]. 信息网络安全, 2016, 16(9): 139-144.
[9]	LIU Jianan, WENG Jian. Survey on Smart Grid Security [J]. 信息网络安全, 2016, 16(5): 78-84.
[10]	LI Zengpeng, ZOU Yan, ZHANG Lei, MA Chunguang. A Privacy Preservation Scheme for Data Exchange of Smart Grid Based on Homomorphic Encryption [J]. 信息网络安全, 2016, 16(3): 1-7.
[11]	SHI Shasha, SUN Wenhong, JIANG Mingjian, QU Haipeng. Research on Smart Grid Privacy Protocol Based on Distributed Data Aggregation [J]. 信息网络安全, 2015, 15(12): 59-65.
[12]	LI Hai-wei, FAN Bo, LI Wen-feng. Research and Improvement on Constructing Method of A Trusted Virtualization Platform [J]. 信息网络安全, 2015, 15(1): 1-5.

An Online Detection System for Advanced Malware Based on Virtual Execution Technology

RichHTML

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 7

Related Articles 12

Recommended Articles

Metrics

Comments