Conference paper Open Access

Programmable Data Gathering for Detecting Stegomalware

Carrega, Alessandro; Caviglione, Luca; Repetto, Matteo; Zuppelli, Marco


MARC21 XML Export

<?xml version='1.0' encoding='UTF-8'?>
<record xmlns="http://www.loc.gov/MARC21/slim">
  <leader>00000nam##2200000uu#4500</leader>
  <datafield tag="540" ind1=" " ind2=" ">
    <subfield code="u">https://creativecommons.org/licenses/by/4.0/legalcode</subfield>
    <subfield code="a">Creative Commons Attribution 4.0 International</subfield>
  </datafield>
  <datafield tag="260" ind1=" " ind2=" ">
    <subfield code="c">2020-08-12</subfield>
  </datafield>
  <controlfield tag="005">20201112122709.0</controlfield>
  <controlfield tag="001">4268086</controlfield>
  <datafield tag="909" ind1="C" ind2="O">
    <subfield code="p">openaire</subfield>
    <subfield code="o">oai:zenodo.org:4268086</subfield>
  </datafield>
  <datafield tag="520" ind1=" " ind2=" ">
    <subfield code="a">&lt;p&gt;The &amp;ldquo;arm race&amp;rdquo; against malware developers re- quires to collect a wide variety of performance measurements, for instance to face threats leveraging information hiding and steganography. Unfortunately, this process could be time- consuming, lack of scalability and cause performance degra- dations within computing and network nodes. In this paper we propose to take advantage of the joint activities of two H2020 Projects, namely ASTRID and SIMARGL. To prove the benefits of the cooperation between the solutions developed by the two aforementioned projects, this paper reports a preliminary performance evaluation on the use of the extended Berkeley Packet Filter to gather data for detecting stegomalware.&lt;/p&gt;</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">CNR-IMATI</subfield>
    <subfield code="a">Caviglione, Luca</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">CNR-IMATI</subfield>
    <subfield code="0">(orcid)0000-0001-8478-2633</subfield>
    <subfield code="a">Repetto, Matteo</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">CNR-IMATI</subfield>
    <subfield code="a">Zuppelli, Marco</subfield>
  </datafield>
  <datafield tag="856" ind1="4" ind2=" ">
    <subfield code="s">1023846</subfield>
    <subfield code="z">md5:c1c2ae8ebbadf06e6ad392b622dcd8e4</subfield>
    <subfield code="u">https://zenodo.org/record/4268086/files/secsoft20-1.pdf</subfield>
  </datafield>
  <datafield tag="542" ind1=" " ind2=" ">
    <subfield code="l">open</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">publication</subfield>
    <subfield code="b">conferencepaper</subfield>
  </datafield>
  <datafield tag="100" ind1=" " ind2=" ">
    <subfield code="u">CNIT</subfield>
    <subfield code="a">Carrega, Alessandro</subfield>
  </datafield>
  <datafield tag="041" ind1=" " ind2=" ">
    <subfield code="a">eng</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">eBPF</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">syscall tracing</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">stegomalware</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">covert channels</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">detection</subfield>
  </datafield>
  <datafield tag="024" ind1=" " ind2=" ">
    <subfield code="a">10.1109/NetSoft48620.2020.9165537</subfield>
    <subfield code="2">doi</subfield>
  </datafield>
  <datafield tag="245" ind1=" " ind2=" ">
    <subfield code="a">Programmable Data Gathering for Detecting Stegomalware</subfield>
  </datafield>
  <datafield tag="536" ind1=" " ind2=" ">
    <subfield code="c">786922</subfield>
    <subfield code="a">AddreSsing ThReats for virtualIseD services</subfield>
  </datafield>
  <datafield tag="536" ind1=" " ind2=" ">
    <subfield code="c">833042</subfield>
    <subfield code="a">Secure Intelligent Methods for Advanced RecoGnition of malware and stegomalware</subfield>
  </datafield>
  <datafield tag="650" ind1="1" ind2="7">
    <subfield code="a">cc-by</subfield>
    <subfield code="2">opendefinition.org</subfield>
  </datafield>
</record>
23
88
views
downloads
Views 23
Downloads 88
Data volume 90.1 MB
Unique views 21
Unique downloads 86

Share

Cite as