نویسندگان
1 دانشگاه آزاد اسلامی واحد بروجرد
2 دانشگاه علم و صنعت ایران
چکیده
کلیدواژهها
عنوان مقاله [English]
نویسندگان [English]
In this article new methods for detection and interception of Spywares specifically key loggers, Blockers and screen recorders is proposed. After detecting a malicious behavior, at run time by dynamic behavioral analysis, its corresponding process and executable file are located. All the interaction of the underlying network are logged and analyzed to extract the destination and source of the stolen information which was support to be transferred by the Spyware. After the malicious code is analyzed the process in the main memory is terminated and its executable and image files are removed from the hard disk, in addition could deliver junk information to spyware or diversion destination of it. The proposed method tracks and intercept malicious code through the kernel drivers belonging to the operation system. In this way we could bypass and ignore all the system functions in user mode and all the limitations and constraint imposed by the operating system. In this article the security of the proposed method is also considered and proposes a new method for interception of blockers and construction of secure virtual keyboards. In this way we could achieve the main target of the proposed method to secure the operation system environment of any Spywares. At the end this article evaluate proposed methods based on accuracy of detection and success reaction against Spywares. This Accuracy is 96% and reaction rate is 100%, We compare these results with top famous Anti-Spyware application in the word to prove that our proposed methods is competitive with the best and is better of them in some feathers.
کلیدواژهها [English]
)
