Malware Research

  • Sebastián García added an answer:
    Which is the best tool for behaviour based malware analysis?

    If you need to enhance the security the best way is to study the behavior of Malware, so any suggestion for the latest and best tool for behavior analysis of Malware?

  • Miran Baban added an answer:
    How can I get rid of a virus named ransomware having extension ccc at the end?

    Yesterday, my laptop got a deadly trojan virus having extension ccc that affects each of my files. Afterwards, all my files were encrypted to the bizarre format that couldn't be opened by any installed program. I even tried to look for software to decrypt my affected files but didn't find any. It seems to be a serious issue; I would be really grateful if I could know any ways to resolve this problem. Thank you.

    Miran Baban

    You can do it via Linux (Live CD) to access Windows files and remove the .exe file; I can't remember the name.

    Follow the instructions in the following link:

  • Günter Fahrnberger added an answer:
    Can someone suggest any different solution for preventing and detecting the phishing attack?

    User can request for any website and phishing page then directly move on original page

    Günter Fahrnberger

    Besides all technical countermeasures to detect and antagonize phishing, it can also be prevented by improving the online users' phishing awareness. Just catch a glimpse at for example!

    • Source
      ABSTRACT: User security education and training is one of the most important aspects of an organization's security posture. Using security exercises to reinforce this aspect is frequently done by education and industry alike; however, these exercises usually enlist willing participants. We have taken the concept of using an exercise and modified it in application to evaluate a user's propensity to respond to email phishing attacks in an unannounced test. This paper describes the considerations in establishing and the process used to create and implement an evaluation of one aspect of our user information assurance education program. The evaluation takes the form of an exercise, where we send out a phishing-styled email and record the responses.
      Full-text · Article · Feb 2007 · Computers & Security
  • Vikas Malviya added an answer:
    Where can I find a database of malicious web pages?

    I want to have a database of malicious web pages.

    Vikas Malviya

    Thanks Selvakumar. I will give a try

  • Amit Kumar added an answer:
    Where can I find huge data sets of analyzed malwares for data mining?

    I am working on detecting malwares. I need data sets to stimulate my program on it.
    Where can I find huge data sets of analyzed malwares for data mining?

    Amit Kumar

    This can also help:

  • Steve F. Russell added an answer:
    A 2002 NIST study had estimated the cost of software bugs. Do you know any other (more recent) attempt at quantifying the impact of bugs in some way?

    All papers I could find have cited the same document for more than a decade:

    No one seems to have found any more recent study on the topic. Have you?

    Steve F. Russell

    Hi Sylvain,

    I once worked as supervisor of software configuration management and quality control in an aerospace corporation. I am not familiar with the NIST paper but I can say definitely that estimating the life-cycle-cost of a software error is very complex and depends on the policies and culture of the software development organization. Any claim that a "universal" method of cost estimate is possible would be a massive overstatement.

    For example, Microsoft will let a software bug exist through several software updates and that approach has been largely accepted by users.

    On the other hand, in avionics and aircraft applications, a software error can cost lives and the extent to which software is tested and errors eliminated is very costly.

    The original space shuttle ran 4 computers. Three identical and a 4th developed independently. Computation results were compared at milestones in the computing cycle and a vote taken as to correctness.

    In the life cycle of software, the bug must be detected and analyzed. A revision must be written and extensively tested and documented. The software revision must be introduced into the product cycle. The revision must be distributed as a "fix" to previous customers. Every software company does it differently with different costs depending on the safety and social impact of the software.

    Hope this helps. Good luck.

    to the extent

  • Valdis E Krebs added an answer:
    What are some of the best models describing the epidemic spread over a network?
    Epidemic in Networks
    Looking for some of the best papers or thesis to go through.
    Valdis E Krebs

    The spread of TB/HIV in human networks...

    Follow links to original papers with the CDC at bottom of article.

  • Rodrigo Ruiz added an answer:
    What do you consider the biggest malware proliferation technique in social media and why?
    Social media is now the biggest source of malware proliferation (esp. Facebook), but there is an ongoing debate on the most popular method of malware distribution.
    Rodrigo Ruiz

    Ehinome, the knowledge of human behavior and the exploitation of our desires, lusts, vanities, fears and greed. This knowledge serves to all media, digital or conventional.

  • Abdul Razaque added an answer:
    What is the best open source detection tool for malware that has anti-virtualization?
    Malware now has the split personality capability to detect virtualization when being analyzed.
    Abdul Razaque
    You can go with the following malware detection tools.

    1. Spybot Search & Destroy
    5. Interactive Disassembler (IDA)
  • Shahid Alam asked a question:
    Is there any research on static detection of javascript malicious code (with or without obfuscation)?
    JavaScript is a very popular language and is used in all the social networking sites. It can also be used for malicious purposes (mostly as part of cross site scripting), such as: distributing malware, directing to malicious web sites, popup windows etc. Such a code is normally obfuscated to hide it from automatic detection. As part of my research I am conducting a study on the types of JavaScript obfuscations and malicious code to automate its detection statically.
