publication . Conference object . 2020

Programmable Data Gathering for Detecting Stegomalware

Alessandro Carrega; Luca Caviglione; Matteo Repetto; Marco Zuppelli
Open Access English
  • Published: 12 Aug 2020
Abstract
The “arms race” against malware developers requires collecting a wide variety of performance measurements, for instance to face threats leveraging information hiding and steganography. Unfortunately, this process could be time-consuming, lack scalability and cause performance degradation within computing and network nodes. Moreover, since the detection of steganographic threats is poorly generalizable, being able to collect attack-independent indicators is of prime importance. To this aim, the paper proposes to take advantage of the extended Berkeley Packet Filter to gather data for detecting stegomalware. To prove the effectiveness of the approach, it also r...
Subjects
free text keywords: eBPF, syscall tracing, stegomalware, covert channels, detection, Computer network, business.industry, business, Steganography, Berkeley Packet Filter, Malware, computer.software_genre, computer, Node (networking), Computer science, Data collection, Information hiding, Covert channel, Scalability
Funded by
EC| ASTRID
Project
ASTRID
AddreSsing ThReats for virtualIseD services
  • Funder: European Commission (EC)
  • Project Code: 786922
  • Funding stream: H2020 | RIA
EC| SIMARGL
Project
SIMARGL
Secure Intelligent Methods for Advanced RecoGnition of malware and stegomalware
  • Funder: European Commission (EC)
  • Project Code: 833042
  • Funding stream: H2020 | IA
Validated by funder
Download from
Open Access
ZENODO
Conference object . 2020
Provider: ZENODO
Restricted
http://xplorestaging.ieee.org/...
Conference object . 2020
Provider: Crossref