Unknown Virus Detection Technique Using the Wine Log

2011 Fiscal Year Final Research Report

• Project/Area Number: 22700062
• Research Category: Grant-in-Aid for Young Scientists (B)
• Allocation Type: Single-year Grants
• Research Field: Computer system/Network
• Research Institution: Iwate University
• Principal Investigator: NAKAYA Naoshi 岩手大学, 工学部, 助教 (20322969)
• Project Period (FY): 2010 – 2011
• Keywords: ネットワークセキュリティ技術 / コンピュータウイルス

Research Abstract

In this research, I proposed some detection methods employing dynamic heuristics and capable of detecting unknown viruses by using Wine, a tool for executing Windows programs on a Unix-like OS, to capture a log of API function calls made by executable files. When these proposed methods were run on a test suite containing both viruses and harmless non-virus files, these experimental results showed that using Wine to capture a runtime log of API function calls is an effective technique for dynamic heuristic methods.

Research Products

• [Presentation] Wineを用いたAPIログによるコンピュータウイルスの検出 (2012)
  • Author(s): 村上智裕、中谷直司、厚井裕司
  • Organizer: 平成23年度第4回情報処理学会東北支部研究会
  • Place of Presentation: 岩手大学
  • Year and Date: 2012-01-21
• [Presentation] 圧縮による類似度比較を適用したウイルスの検出手法 (2010)
  • Author(s): 辺仙龍、中谷直司、厚井裕司
  • Organizer: 平成22年度第3回情報処理学会東北支部研究会
  • Place of Presentation: 岩手大学
  • Year and Date: 2010-12-18