Conference paper Open Access

Programmable Data Gathering for Detecting Stegomalware

Carrega, Alessandro; Caviglione, Luca; Repetto, Matteo; Zuppelli, Marco


DataCite XML Export

<?xml version='1.0' encoding='utf-8'?>
<resource xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://datacite.org/schema/kernel-4" xsi:schemaLocation="http://datacite.org/schema/kernel-4 http://schema.datacite.org/meta/kernel-4.1/metadata.xsd">
  <identifier identifierType="URL">https://zenodo.org/record/4268086</identifier>
  <creators>
    <creator>
      <creatorName>Carrega, Alessandro</creatorName>
      <givenName>Alessandro</givenName>
      <familyName>Carrega</familyName>
      <affiliation>CNIT</affiliation>
    </creator>
    <creator>
      <creatorName>Caviglione, Luca</creatorName>
      <givenName>Luca</givenName>
      <familyName>Caviglione</familyName>
      <affiliation>CNR-IMATI</affiliation>
    </creator>
    <creator>
      <creatorName>Repetto, Matteo</creatorName>
      <givenName>Matteo</givenName>
      <familyName>Repetto</familyName>
      <nameIdentifier nameIdentifierScheme="ORCID" schemeURI="http://orcid.org/">0000-0001-8478-2633</nameIdentifier>
      <affiliation>CNR-IMATI</affiliation>
    </creator>
    <creator>
      <creatorName>Zuppelli, Marco</creatorName>
      <givenName>Marco</givenName>
      <familyName>Zuppelli</familyName>
      <affiliation>CNR-IMATI</affiliation>
    </creator>
  </creators>
  <titles>
    <title>Programmable Data Gathering for Detecting Stegomalware</title>
  </titles>
  <publisher>Zenodo</publisher>
  <publicationYear>2020</publicationYear>
  <subjects>
    <subject>eBPF</subject>
    <subject>syscall tracing</subject>
    <subject>stegomalware</subject>
    <subject>covert channels</subject>
    <subject>detection</subject>
  </subjects>
  <dates>
    <date dateType="Issued">2020-08-12</date>
  </dates>
  <language>en</language>
  <resourceType resourceTypeGeneral="ConferencePaper"/>
  <alternateIdentifiers>
    <alternateIdentifier alternateIdentifierType="url">https://zenodo.org/record/4268086</alternateIdentifier>
  </alternateIdentifiers>
  <relatedIdentifiers>
    <relatedIdentifier relatedIdentifierType="DOI" relationType="IsIdenticalTo">10.1109/NetSoft48620.2020.9165537</relatedIdentifier>
  </relatedIdentifiers>
  <rightsList>
    <rights rightsURI="https://creativecommons.org/licenses/by/4.0/legalcode">Creative Commons Attribution 4.0 International</rights>
    <rights rightsURI="info:eu-repo/semantics/openAccess">Open Access</rights>
  </rightsList>
  <descriptions>
    <description descriptionType="Abstract">&lt;p&gt;The &amp;ldquo;arm race&amp;rdquo; against malware developers re- quires to collect a wide variety of performance measurements, for instance to face threats leveraging information hiding and steganography. Unfortunately, this process could be time- consuming, lack of scalability and cause performance degra- dations within computing and network nodes. In this paper we propose to take advantage of the joint activities of two H2020 Projects, namely ASTRID and SIMARGL. To prove the benefits of the cooperation between the solutions developed by the two aforementioned projects, this paper reports a preliminary performance evaluation on the use of the extended Berkeley Packet Filter to gather data for detecting stegomalware.&lt;/p&gt;</description>
  </descriptions>
  <fundingReferences>
    <fundingReference>
      <funderName>European Commission</funderName>
      <funderIdentifier funderIdentifierType="Crossref Funder ID">10.13039/501100000780</funderIdentifier>
      <awardNumber awardURI="info:eu-repo/grantAgreement/EC/H2020/786922/">786922</awardNumber>
      <awardTitle>AddreSsing ThReats for virtualIseD services</awardTitle>
    </fundingReference>
    <fundingReference>
      <funderName>European Commission</funderName>
      <funderIdentifier funderIdentifierType="Crossref Funder ID">10.13039/501100000780</funderIdentifier>
      <awardNumber awardURI="info:eu-repo/grantAgreement/EC/H2020/833042/">833042</awardNumber>
      <awardTitle>Secure Intelligent Methods for Advanced RecoGnition of malware and stegomalware</awardTitle>
    </fundingReference>
  </fundingReferences>
</resource>
23
89
views
downloads
Views 23
Downloads 89
Data volume 91.1 MB
Unique views 21
Unique downloads 87

Share

Cite as