Abstract
In offensive and defensive exercises, the security detection side (red team) conducts simulated real network attacks from various entry points, to the maximum extent possible in limited time and without affecting the operation of the enterprise. The defense detection side (blue team), which always represents the enterprise, defends as best it can using the existing security measures. Anti-anti-virus technology is significant and commonly used by the red team to keep a virus or Trojan from being detected by antivirus software. However, most existing anti-anti-virus methods are offline and complicated to develop on site. This paper proposes an online automated anti-anti-virus method and introduces the design and implementation of an online anti-anti-virus tool written in Python and based on the Flask framework. Testing results show that virus files processed by this tool can bypass many mainstream security products, such as Velvet, 360, and Tencent Computer Control, and achieve a low detection rate of 21.73%.
Acknowledgments
This work was supported by grants from the Natural Science Foundation of Guangdong Province No. 2018A0303130082, Basic and Applied Basic Research Fund of Guangdong Province No. 2019A1515111080, and Foshan Self-Raised Science and Technology Plan Project No. 2018AB003691.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Ma, L., Yang, H., Chai, Y., Fan, J., Yang, W. (2022). An Online Automated Anti-anti-virus Method. In: Wang, G., Choo, KK.R., Ko, R.K.L., Xu, Y., Crispo, B. (eds) Ubiquitous Security. UbiSec 2021. Communications in Computer and Information Science, vol 1557. Springer, Singapore. https://doi.org/10.1007/978-981-19-0468-4_26
DOI: https://doi.org/10.1007/978-981-19-0468-4_26
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-0467-7
Online ISBN: 978-981-19-0468-4
eBook Packages: Computer Science, Computer Science (R0)