Research article, DOI: 10.1145/1940941.1940944

Malware analysis reverse engineering (MARE) methodology & malware defense (M.D.) timeline

Published: 01 October 2010

Abstract

Currently there exists no formal or structured method for analyzing malware; a hodgepodge approach leads to inconsistent and incomplete findings about the analyzed malware. Malware Analysis and Reverse Engineering (MARE) is a methodology that introduces a structured approach to malware analysis. A structured approach leads to a more consistent and complete analysis report. The MARE methodology is designed to take a malware analyst from the moment of detecting malware to the point of fully grasping the analyzed malware's functionality and capabilities. The MARE methodology presents helpful tools and, more importantly, a structured process flow to help analysts better understand how to analyze malware. The Malware Defense (M.D.) timeline maps out our ultimate research goal, eliminating the threat of malware, and shows where we currently stand in reaching that goal. Finally, the applicability of MARE to the judicial system and to teaching is discussed.


    Published In

    InfoSecCD '10: 2010 Information Security Curriculum Development Conference
    October 2010
    187 pages
    ISBN:9781450302029
    DOI:10.1145/1940941

    Sponsors

    • KSU - CISE: KSU Center for InfoSec Education
    • ISSA: The Metro Atlanta Information Systems Security Association

    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Author Tags

    1. MARE methodology
    2. malware analysis reverse engineering
    3. malware defense (M.D.) timeline

    Qualifiers

    • Research-article

    Conference

    InfoSecCD '10
    Sponsor:
    • KSU - CISE
    • ISSA

    Acceptance Rates

    Overall Acceptance Rate 18 of 23 submissions, 78%
