Abstract
Spyware is the most complex, obfuscated, and targeted class of malware, which has grown dramatically in recent years. Spyware is designed for secret, long-term, and persistent missions. This paper provides a novel method for detection, tracking, and confronting the stealth and obfuscated spyware and ransomware, including keyloggers, screen recorders, and blockers. The proposed method of this paper is based on a dynamic behavioral analysis through deep and transparent hooking of kernel-level routines. We used linear regression, JRIP, and J48 decision tree algorithms as a classifier to recognize three classes of malware. This paper presents the main architectural plan of an anti-spyware application to track spyware footprints in order to detect and force terminate running processes, eliminate executable files, and restrict network communications. The efficiency of the proposed method was evaluated from the viewpoint of accuracy in detecting real-world samples of spyware by ROC curve analysis and from the viewpoint of success rate to confront effectively with active spyware. Our proposed method was able to recognize spyware with an accuracy of about 93% and an error rate near 7%. In addition, the proposed system can disinfect an operating system from infection by spyware with a hit rate of about 82%.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
