Abstract

In this paper, some potentially unwanted program (PUP) samples are analyzed, detected and blocked using YARA rules. Nowadays users may notice unwanted software such as a PUP or a potentially unwanted application (PUA). Security and parental control products use this as a subjective tagging criterion. Such software is implemented to compromise privacy or weaken the computer's security. Third-party software often bundles a wanted program to be downloaded with a wrapper application and may offer to install an unwanted application. In this paper, some PUP samples are analyzed through reverse engineering, using YARA rules that promptly resist unwanted applications or programs.

Highlights

  • Nowadays users may notice unwanted software such as a potentially unwanted program (PUP) or a potentially unwanted application (PUA). Security and parental control products use this as a subjective tagging criterion

  • The bundled software that antivirus companies define as potentially unwanted programs includes adware, which displays intrusive advertising; spyware, which tracks the user's Internet usage to sell information to advertisers; software that inserts its own advertising into webpages the user views; and software that uses premium SMS services to rack up charges for the user

  • It clearly shows that only 55 out of 72 antivirus engines detected the PUP sample shown in Fig 4, and the remaining engines identified it as a legitimate file

Summary

INTRODUCTION

Nowadays users may notice unwanted software such as a PUP or a potentially unwanted application (PUA). Security and parental control products use this as a subjective tagging criterion. The bundled software that antivirus companies define as potentially unwanted programs includes adware, which displays intrusive advertising; spyware, which tracks the user's Internet usage to sell information to advertisers; software that inserts its own advertising into webpages the user views; and software that uses premium SMS services to rack up charges for the user. This practice is considered unethical because it violates the security interests of users without their knowledge. Giving the appropriate collective strings as input to a YARA rule overcomes false positives.

POTENTIALLY UNWANTED PROGRAM (PUP)
PUP DIFFERS FROM MALWARE
SPYWARE
SPYWARE IN EULA FORM
YARA RULE
REVERSE ENGINEERING PROCESS
ANALYSIS AND DETECTION
EVALUATION RESULTS
CONCLUSION