
     Research Journal of Applied Sciences, Engineering and Technology

    Abstract
2015 (Vol. 9, Issue 1)
Article Information:

An Effective Method for Protecting Native API Hook Attacks in User-mode

K. Muthumanickam and E. Ilavarasan
Corresponding Author:  K. Muthumanickam 
Submitted: June 25, 2014
Accepted: September 20, 2014
Published: January 05, 2015
Abstract:
Today, many modern malware developers are taking advantage of the Application Programming Interface (API) hook technique to take control of the victim computer, which makes it difficult to detect their presence. Because of the sophistication of rootkit tools, a remote attacker can use the native API to compromise any computer, which can later be used for many illegal activities such as sniffing network lines, capturing passwords, sending spam and DDoS attacks. Thus, protecting end-systems by identifying and preventing malicious native API code hooking is a challenging problem for defenders. Today, many different malware-analysis tools offer specific features against malware but are manual and error-prone. In this study, we proposed a behavior-based monitoring detection system to deal effectively with native API hooks in user-mode. Unlike other malware identification techniques, our approach involved dynamically analyzing the behavior of native API call hooking malware. Compared with existing tools, our experimental evaluation results show better performance with no false positives.

Key words: API hooking, dynamic analysis, malicious code, rootkit, user-mode
Cite this Reference:
K. Muthumanickam and E. Ilavarasan, 2015. An Effective Method for Protecting Native API Hook Attacks in User-mode. Research Journal of Applied Sciences, Engineering and Technology, 9(1): 33-39.
ISSN (Online):  2040-7467
ISSN (Print):   2040-7459
Copyright © 2024. MAXWELL Scientific Publication Corp., All rights reserved