Abstract
In this paper, some potentially unwanted program (PUP) samples are analyzed, detected, and blocked using YARA rules. Users today may notice unwanted software such as a PUP or a potentially unwanted application (PUA). Security and parental control products use the term as a subjective tagging criterion. Such software was implemented to compromise privacy or weaken the computer's security. Third-party software often bundles a wanted program download with a wrapper application and may offer to install an unwanted application. In this paper, some PUP samples are analyzed through reverse engineering, using YARA rules that promptly resist unwanted applications or programs.
Highlights
Users today may notice unwanted software such as a potentially unwanted program (PUP) or a potentially unwanted application (PUA). Security and parental control products use the term as a subjective tagging criterion.
The software that antivirus companies define as potentially unwanted programs includes adware, which displays intrusive advertising; spyware, which tracks the user's Internet usage to sell information to advertisers; software that inserts its own advertising into webpages that a user views; and software that uses premium SMS services to rack up charges for the user.
As shown in Fig. 4, only 55 of the 72 antivirus engines detected the PUP sample; the remaining engines classified it as a legitimate file.
Summary
Users today may notice unwanted software such as a PUP or a potentially unwanted application (PUA). Security and parental control products use the term as a subjective tagging criterion. The software that antivirus companies define as potentially unwanted programs includes adware, which displays intrusive advertising; spyware, which tracks the user's Internet usage to sell information to advertisers; software that inserts its own advertising into webpages that a user views; and software that uses premium SMS services to rack up charges for the user. This practice is considered unethical because it violates the security interests of users without their knowledge. Supplying an appropriate collection of strings as input to a YARA rule overcomes false positives.
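The point about collective strings can be illustrated with a pair of YARA rules. This is an added example, not a rule from the paper: the rule names and every string value are constructed placeholders, not indicators from the analyzed samples.

```yara
// Constructed example: the strings below are illustrative placeholders,
// not indicators taken from the samples analyzed in the paper.

// Weak form: one generic string is enough to match, so legitimate
// installers that contain the same wording are flagged as well.
rule PUP_Bundler_SingleString_Weak
{
    strings:
        $offer = "Special Offer" nocase ascii wide
    condition:
        $offer
}

// Stronger form: require a PE file and several independent traits of a
// bundling wrapper to be present together before the rule matches.
rule PUP_Bundler_CollectiveStrings
{
    meta:
        description = "Constructed example: wrapper installer offering bundled software"
    strings:
        // Wording typical of a bundled-offer screen (assumed)
        $offer1 = "Special Offer" nocase ascii wide
        $offer2 = "recommended software" nocase ascii wide
        $offer3 = "Accept and Install" nocase ascii wide
        // Wording for browser setting changes (assumed)
        $change1 = "set as my default search" nocase ascii wide
        $change2 = "change my homepage" nocase ascii wide
    condition:
        uint16(0) == 0x5A4D and     // MZ header: only consider PE files
        filesize < 50MB and
        2 of ($offer*) and          // at least two offer strings together
        any of ($change*)           // plus one settings-change string
}
```

Running both rules over a set of known-clean installers shows the difference: the single-string rule matches any file containing the phrase, while the collective rule matches only when the traits occur together in one PE file.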
More From: International Journal of Engineering and Advanced Technology