Endpoint Security in Networks: An OpenMP Approach for Increasing Malware Detection Speed

Forain, Igor; Albuquerque, Robson de Oliveira; Orozco, Ana Lucila Sandoval; Villalba, Luis Javier García; Kim, Tai-hoon

doi:10.3390/sym9090172

Cited by 2 publications

(1 citation statement)

References 25 publications

(61 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The inclusion of these techniques allows for a large-scale data analysis, the identification of patterns and trends, as well as the automatic and rapid formulation of predictions. These systems are called Endpoint Detection and Response (EDR), also known as Endpoint Thread Detection and Response (ETDR), and implement and endpoint security mechanism [29] at the clients that collects data and sends it to a centralized console for processing, as in a distributed computing environment [30]. The information collected is correlated in real time to detect and analyze suspicious activity and processed in a centralized database.…”

Section: Actual Antivirus Threat Detection and Classification Systemsmentioning

confidence: 99%

Evaluation of Local Security Event Management System vs. Standard Antivirus Software

Pérez-Sánchez

Hielscher

2022

Applied Sciences

View full text Add to dashboard Cite

The detection and classification of threats in computer systems has been one of the main problems researched in Cybersecurity. As technology evolves, the tactics employed by adversaries have also become more sophisticated to evade detection systems. In consequence, systems that previously detected and classified those threats are now outdated. This paper proposes a detection system based on the analysis of events and matching the risk level with the MITRE ATT&CK matrix and Cyber Kill Chain. Extensive testing of attacks, using nine malware codes and applying three different obfuscation techniques, was performed. Each malicious code was analyzed using the proposed event management system and also executed in a controlled environment to examine if commercial malware detection systems (antivirus) were successful. The results show that evading techniques such as obfuscation and in-memory extraction of malicious payloads, impose unexpected difficulties to standard antivirus software.

show abstract

Section: Actual Antivirus Threat Detection and Classification Systemsmentioning

confidence: 99%

Evaluation of Local Security Event Management System vs. Standard Antivirus Software

Pérez-Sánchez

Hielscher

2022

Applied Sciences

View full text Add to dashboard Cite

show abstract

Android Malware Permission-Based Multi-Class Classification Using Extremely Randomized Trees

Alswaina

Elleithy

2018

IEEE Access

View full text Add to dashboard Cite

Endpoint Security in Networks: An OpenMP Approach for Increasing Malware Detection Speed

Cited by 2 publications

References 25 publications

Evaluation of Local Security Event Management System vs. Standard Antivirus Software

Evaluation of Local Security Event Management System vs. Standard Antivirus Software

Android Malware Permission-Based Multi-Class Classification Using Extremely Randomized Trees

Contact Info

Product

Resources

About