FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3136015799> ?p ?o ?g. }

• W3136015799 abstract "It is considered a common occurrence during security evaluations that someone must be convinced that antivirus software does not offer complete security. There are also times when a penetration tester encounters antivirus software. For these and several other reasons a variety of ways for bypassing antivirus systems has been invented. In this thesis we are going to deal with the use of encryption for bypassing antivirus detections. The idea of using encryption as an anti-detection technique is not new. It has been introduced previously by researchers along with their implementation of programs, called Crypters, which is the means to accomplice that. These programs are able to encrypt a malware and store it inside a legitimate file without affecting his original functionality. This file is able to bypass detection and then decrypt the malware and store it in a specific part of the disc or load it directly into computer's memory and execute it. Even though the general functionality of a crypter has remained the same over time, it is essential to create an architecture which would be compatible with the current systems and be able to avoid detection of the constantly developing antivirus systems. In this master thesis we are not going to invent a new way to bypass an antivirus detection. On the contrary, we are going to rely on previous researches in order to introduce a new architecture of a crypter that offers a unique output every time it is being used. The implementation is going to follow the same principals, as the previous ones, these of encrypting the malware but it will also inject into another process. The injection will be performed by a DLL that will also be encrypted inside the legitimate file. The encrypted DLL will be decrypted and will be loaded into memory. After that the DLL will inject the decrypted malware in a legitimate process. The crypter is in place to offer a unique output every time someone uses it. The encryption key along with the function names, DLL names, variables and strings are random and so different every time. Several tests have been contacted with the specific implementation and it has successfully bypassed detection of over forty antivirus software." @default.
• W3136015799 created "2021-03-29" @default.
• W3136015799 creator A5025208327 @default.
• W3136015799 date "2015-01-14" @default.
• W3136015799 modified "2023-10-01" @default.
• W3136015799 title "Bypassing antivirus detection with encryption" @default.
• W3136015799 hasPublicationYear "2015" @default.
• W3136015799 type Work @default.
• W3136015799 sameAs 3136015799 @default.
• W3136015799 citedByCount "0" @default.
• W3136015799 crossrefType "dissertation" @default.
• W3136015799 hasAuthorship W3136015799A5025208327 @default.
• W3136015799 hasConcept C111919701 @default.
• W3136015799 hasConcept C123657996 @default.
• W3136015799 hasConcept C142362112 @default.
• W3136015799 hasConcept C148730421 @default.
• W3136015799 hasConcept C153349607 @default.
• W3136015799 hasConcept C19407854 @default.
• W3136015799 hasConcept C2777904410 @default.
• W3136015799 hasConcept C38652104 @default.
• W3136015799 hasConcept C41008148 @default.
• W3136015799 hasConcept C541664917 @default.
• W3136015799 hasConceptScore W3136015799C111919701 @default.
• W3136015799 hasConceptScore W3136015799C123657996 @default.
• W3136015799 hasConceptScore W3136015799C142362112 @default.
• W3136015799 hasConceptScore W3136015799C148730421 @default.
• W3136015799 hasConceptScore W3136015799C153349607 @default.
• W3136015799 hasConceptScore W3136015799C19407854 @default.
• W3136015799 hasConceptScore W3136015799C2777904410 @default.
• W3136015799 hasConceptScore W3136015799C38652104 @default.
• W3136015799 hasConceptScore W3136015799C41008148 @default.
• W3136015799 hasConceptScore W3136015799C541664917 @default.
• W3136015799 hasLocation W31360157991 @default.
• W3136015799 hasOpenAccess W3136015799 @default.
• W3136015799 hasPrimaryLocation W31360157991 @default.
• W3136015799 hasRelatedWork W1603727792 @default.
• W3136015799 hasRelatedWork W2024346703 @default.
• W3136015799 hasRelatedWork W2073178641 @default.
• W3136015799 hasRelatedWork W2342877402 @default.
• W3136015799 hasRelatedWork W2535044533 @default.
• W3136015799 hasRelatedWork W2555237132 @default.
• W3136015799 hasRelatedWork W2591615325 @default.
• W3136015799 hasRelatedWork W268472369 @default.
• W3136015799 hasRelatedWork W2808801180 @default.
• W3136015799 hasRelatedWork W2890582809 @default.
• W3136015799 hasRelatedWork W2964833395 @default.
• W3136015799 hasRelatedWork W2966448719 @default.
• W3136015799 hasRelatedWork W3098640816 @default.
• W3136015799 hasRelatedWork W3112514357 @default.
• W3136015799 hasRelatedWork W3154276123 @default.
• W3136015799 hasRelatedWork W3177370349 @default.
• W3136015799 hasRelatedWork W59931895 @default.
• W3136015799 hasRelatedWork W2414452294 @default.
• W3136015799 hasRelatedWork W2566356607 @default.
• W3136015799 hasRelatedWork W2913539486 @default.
• W3136015799 isParatext "false" @default.
• W3136015799 isRetracted "false" @default.
• W3136015799 magId "3136015799" @default.
• W3136015799 workType "dissertation" @default.