Full metadata record
DC FieldValueLanguage
dc.contributor.authorWang, Pingen_US
dc.contributor.authorLin, Wen-Huien_US
dc.contributor.authorChao, Wun Jieen_US
dc.contributor.authorChao, Kuo-Mingen_US
dc.contributor.authorLo, Chi-Chunen_US
dc.date.accessioned2017-04-21T06:49:48Z-
dc.date.available2017-04-21T06:49:48Z-
dc.date.issued2015en_US
dc.identifier.isbn978-1-4673-8002-7en_US
dc.identifier.urihttp://dx.doi.org/10.1109/ICEBE.2015.75en_US
dc.identifier.urihttp://hdl.handle.net/11536/135457-
dc.description.abstractMost existing approaches focus on examining the values are dangerous for information flow within inter-suspicious modules of cloud applications (apps) in a host by using malware threat analysis, rather than the risk posed by suspicious apps were connected to the cloud computing server. Accordingly, this paper proposes a taint propagation analysis model incorporating a weighted spanning tree analysis scheme to track data with taint marking using several taint checking tools. In the proposed model, Android programs perform dynamic taint propagation to analyse the spread of and risks posed by suspicious apps were connected to the cloud computing server. In determining the risk of taint propagation, risk and defence capability are used for each taint path for assisting a defender in recognising the attack results against network threats caused by malware infection and estimate the losses of associated taint sources. Finally, a case of threat analysis of a typical cyber security attack is presented to demonstrate the proposed approach. Our approach verified the details of an attack sequence for malware infection by incorporating a finite state machine (FSM) to appropriately reflect the real situations at various configuration settings and safeguard deployment. The experimental results proved that the threat analysis model allows a defender to convert the spread of taint propagation to loss and practically estimate the risk of a specific threat by using behavioural analysis with real malware infection.en_US
dc.language.isoen_USen_US
dc.subjectThreat analysisen_US
dc.subjectMalware behavioural analysisen_US
dc.subjectDynamic taint propagationen_US
dc.subjectFinite state machineen_US
dc.titleUsing Dynamic Taint Approach for of Malware Threaten_US
dc.typeProceedings Paperen_US
dc.identifier.doi10.1109/ICEBE.2015.75en_US
dc.identifier.journal2015 IEEE 12TH INTERNATIONAL CONFERENCE ON E-BUSINESS ENGINEERING (ICEBE)en_US
dc.citation.spage408en_US
dc.citation.epage416en_US
dc.contributor.department資訊管理與財務金融系 註:原資管所+財金所zh_TW
dc.contributor.departmentDepartment of Information Management and Financeen_US
dc.identifier.wosnumberWOS:000377382000058en_US
dc.citation.woscount1en_US
Appears in Collections:Conferences Paper