Detection of Intrusions and Malware, and Vulnerability Assessment

1. Front Matter

   Pages I-XII

   PDF

2. Malware Analysis

   1. Front Matter

      Pages 1-1

      PDF

   2. Malrec: Compact Full-Trace Malware Recording for Retrospective Deep Analysis

      • Giorgio Severi, Tim Leek, Brendan Dolan-Gavitt

      Pages 3-23

   3. MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps

      • Michael Brengel, Christian Rossow

      Pages 24-45Open Access

   4. Spearphishing Malware: Do We Really Know the Unknown?

      • Yanko Baychev, Leyla Bilge

      Pages 46-66

3. Mobile and Embedded Security

   1. Front Matter

      Pages 67-67

      PDF

   2. Honey, I Shrunk Your App Security: The State of Android App Hardening

      • Vincent Haupert, Dominik Maier, Nicolas Schneider, Julian Kirsch, Tilo Müller

      Pages 69-91

   3. GuardION: Practical Mitigation of DMA-Based Rowhammer Attacks on ARM

      • Victor van der Veen, Martina Lindorfer, Yanick Fratantonio, Harikrishnan Padmanabha Pillai, Giovanni Vigna, Christopher Kruegel et al.

      Pages 92-113

   4. BINARM: Scalable and Efficient Detection of Vulnerabilities in Firmware Images of Intelligent Electronic Devices

      • Paria Shirani, Leo Collard, Basile L. Agba, Bernard Lebel, Mourad Debbabi, Lingyu Wang et al.

      Pages 114-138

4. Attacks

   1. Front Matter

      Pages 139-139

      PDF

   2. Update State Tampering: A Novel Adversary Post-compromise Technique on Cyber Threats

      • Sung-Jin Kim, Byung-Joon Kim, Hyoung-Chun Kim, Dong Hoon Lee

      Pages 141-161

   3. Evasive Malware via Identifier Implanting

      • Rui Tanabe, Wataru Ueno, Kou Ishii, Katsunari Yoshioka, Tsutomu Matsumoto, Takahiro Kasama et al.

      Pages 162-184Open Access

   4. On the Weaknesses of Function Table Randomization

      • Moritz Contag, Robert Gawlik, Andre Pawlowski, Thorsten Holz

      Pages 185-207

5. Detection and Containment

   1. Front Matter

      Pages 209-209

      PDF

   2. FraudBuster: Temporal Analysis and Detection of Advanced Financial Frauds

      • Michele Carminati, Alessandro Baggio, Federico Maggi, Umberto Spagnolini, Stefano Zanero

      Pages 211-233

   3. No Random, No Ransom: A Key to Stop Cryptographic Ransomware

      • Ziya Alper Genç, Gabriele Lenzini, Peter Y. A. Ryan

      Pages 234-255

   4. Hidden in Plain Sight: Filesystem View Separation for Data Integrity and Deception

      • Teryl Taylor, Frederico Araujo, Anne Kohlbrenner, Marc Ph. Stoecklin

      Pages 256-278

6. Web and Browser Security

   1. Front Matter

      Pages 279-279

      PDF

   2. Knockin’ on Trackers’ Door: Large-Scale Automatic Analysis of Web Tracking

      • Iskander Sanchez-Rola, Igor Santos

      Pages 281-302

   3. JaSt: Fully Syntactic Detection of Malicious (Obfuscated) JavaScript

      • Aurore Fass, Robert P. Krawczyk, Michael Backes, Ben Stock

      Pages 303-325

This book constitutes the refereed proceedings of the 15th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2018, held in Saclay, France, in June 2018. The 17 revised full papers and 1 short paper included in this book were carefully reviewed and selected from 59 submissions. They present topics such as malware analysis; mobile and embedded security; attacks; detection and containment; web and browser security; and reverse engineering.

• Network security
• Privacy
• Anonymity
• Cryptography
• Security and privacy for big data
• Security and privacy metrics
• Security protocols
• Attacks
• Web security
• Malware and its mitigation
• Virtualization and security
• Data security
• Computer operating systems
• Malware
• Computer crime

• Vrije Universiteit Amsterdam, Amsterdam, The Netherlands

  Cristiano Giuffrida

• CEA, Palaiseau, France

  Sébastien Bardin

• Université Paris-Saclay, Evry, France

  Gregory Blanc

Policies and ethics