
Authors: Amélie Dieterich; Matthias Schopp; Lars Stiemert; Christoph Steininger and Daniela Pöhn

Affiliation: Universität der Bundeswehr München, Neubiberg, Germany

Keyword(s): Malware, Persistence, Evaluation, Windows Security.

Abstract: The usage of persistence methods has become common, as adversaries seek to remain undetected with their malware on systems for longer periods. This raises the question of how effective frequently used persistence methods are across different versions of the Microsoft Windows operating system. To answer this question, a metric is developed by which persistence methods can be quantitatively evaluated and compared. The metric is subsequently applied to eight persistence mechanisms across four different Microsoft Windows operating systems. In our results, there is no difference in the performance of methods between operating systems and a majority of mechanisms scored similarly overall. There is, however, a significant decline in performance when defensive mechanisms are enabled. The results emphasize the effectiveness of basic persistence methods of Microsoft Windows operating systems.

CC BY-NC-ND 4.0


Paper citation in several formats:
Dieterich, A., Schopp, M., Stiemert, L., Steininger, C. and Pöhn, D. (2023). Evaluation of Persistence Methods Used by Malware on Microsoft Windows Systems. In Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-624-8; ISSN 2184-4356, SciTePress, pages 552-559. DOI: 10.5220/0011710200003405

@conference{icissp23,
author={Amélie Dieterich and Matthias Schopp and Lars Stiemert and Christoph Steininger and Daniela Pöhn},
title={Evaluation of Persistence Methods Used by Malware on Microsoft Windows Systems},
booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP},
year={2023},
pages={552-559},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011710200003405},
isbn={978-989-758-624-8},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - ICISSP
TI - Evaluation of Persistence Methods Used by Malware on Microsoft Windows Systems
SN - 978-989-758-624-8
IS - 2184-4356
AU - Dieterich, A.
AU - Schopp, M.
AU - Stiemert, L.
AU - Steininger, C.
AU - Pöhn, D.
PY - 2023
SP - 552
EP - 559
DO - 10.5220/0011710200003405
PB - SciTePress