Design and Implementation of a Security Scheme for Detecting System Vulnerabilities

Full Text (PDF, 635KB), PP.24-32

Views: 0 Downloads: 0

Author(s)

Sonali Sharma 1,* Shilpa Mahajan 1

1. Department of CSE & IT, The NorthCap University, Gurugram, India

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2017.10.03

Received: 26 May 2017 / Revised: 8 Jul. 2017 / Accepted: 1 Aug. 2017 / Published: 8 Oct. 2017

Index Terms

File extensions, Code access Security, Registry files, Anti-virus, System Scan

Abstract

With evolution of internet, security becomes a major concern. Number of malicious programs called malware, travels through network into systems. They have many advanced properties like self-hiding, self-healing and stealth mode execution, which are hard to detect. Therefore, the major challenge for researchers today is to detect and mitigate such programs. Since there is a new virus implemented every minute no detection mechanism can be designed which gives 100% protection but by keeping the anti-virus database up to date we can escape many attacks. In this paper, an effort has been made to explain the design of a system program which can scan the vulnerable files on the system, generate logs and this can later be used to design antivirus software and stop virus execution. This program aims to scan system files and target the files which are vulnerable present on the system based on their file extensions. It generates logs after the system scan is complete which can be studied and used for anti-virus creation.

Cite This Paper

Sonali Sharma, Shilpa Mahajan, "Design and Implementation of a Security Scheme for Detecting System Vulnerabilities", International Journal of Computer Network and Information Security(IJCNIS), Vol.9, No.10, pp.24-32, 2017. DOI:10.5815/ijcnis.2017.10.03

Reference

[1]Ankush R Kakad, Siddharth G Kamble, Shrinivas S Bhuvad and Vinayak N Malavade, “Study and Comparison of Virus Detection Techniques“, International Journal of Advanced Research in Computer Science and Software Engineering, Volume 4, Issue 3, March 2014.
[2]Khawla Abdulla Alghafli et. al. “Forensic analysis of windows 7 registry”, Edith Cowan University Research Online, Australian Digital Forensics Conference, 2010.
[3]Sarika chaudhary et. al., “How Anti-virus Software Works??”, International Journal of Advanced Research in Computer Science and Software Engineering, Volume 3, Issue 4, April 2013.
[4]Savan Gadhiya and Kaushal Bhavsar, ”Techniques for Malware Analysis “ ,International Journal of Advanced Research in Computer Science and Software Engineering ,Volume 3, Issue 4,India, April 2013.
[5]Sandeep kumar et al., “Malicious Data Classification Using Structural Information and Behavioral Specifications in Executables”, Proceedings of 2014 RAECS UIET Punjab University Chandigarh, 06 – 08March, 2014.
[6]Jing Liu, Yang Xiao, Kaveh Ghaboosi, Hongmei Deng and Jingyuan Zhang “Botnet: Classification, attacks, Detection, tracing, and preventive measures.” Hindawi Publishing Corporation EURASIP Journal on Wireless Communications and Networking, Volume 2009.
[7]Amin kharaz, sajjad Arshad, Collin Muliner, William Robertson and Egin Kirda, “UNVEIL: A large-scale automated approach to detecting Ransomware.”, USENIX security symposium, Northeastern university, August 2016.
[8]http://www.howtogeek.com/137270/50-file-extensions-that-are-potentially-dangerous-on-windows/
[9]https://msdn.microsoft.com/en-us/library/930b76w0(v=vs.90).aspx
[10]http://www.gfi.com/blog/2015s-mvps-the-most-vulnerable-players/
[11]Xin luo and Qinyu Liao, “Awareness education as the key to ransomware prevention”, Information systems security, USA, 2007.
[12]Tulika Mithal, Kshitij Shah and Dushyant Kumar Singh, “Case Studies on Intelligent Approaches for Static Malware Analysis” ,Emerging Research in Computing, Information, Communication and Applications ,10 may 2016.
[13]Sarat komplli, “Using Existing Hardware Services for Malware Detection”, IEEE security and privacy workshops, 2014.
[14]Takahiro Kasama, Katsunari Yoshioka, Daisuke Inoue and Tsutomu Matsumoto, “Malware Detection Method by Catching Their Random Behavior in Multiple Executions”, IEEE/IPSJ 12th International Symposium on Applications and the Internet, 2012.
[15]Parvez Faruki et. al., “Android Security: A Survey of Issues, Malware Penetration, and Defenses”, IEEE communication surveys & tutorials, vol. 17, no. 2, Second quarter, 2015.
[16]Shirish Singh, Bharavi Mishra and Saket Singh, “Detecting Intelligent Malware on Dynamic Android Analysis Environments”, the 10th International Conference for Internet Technology and Secured Transactions, 2015.
[17]Konrad Rieck, Philipp Trinius, Carsten Willems and Thorsten Holz, “Automatic Analysis of Malware Behavior using Machine Learning”, Journal of Computer Security, IOS Press, 2011.