Dataset Construction and Analysis of Screenshot Malware. / Sbai, Hugo; Happa, Jassim; Goldsmith, Michael; Meftali, Samy.
International Conference on Trust, Security and Privacy in Computing and Communications (Trustcom). IEEE, 2020. Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
TY - GEN
T1 - Dataset Construction and Analysis of Screenshot Malware
AU - Sbai, Hugo
AU - Happa, Jassim
AU - Goldsmith, Michael
AU - Meftali, Samy
PY - 2020/12/29
Y1 - 2020/12/29
N2 - Among the various types of spyware, screenloggers are distinguished by their ability to capture screenshots. This gives them considerable nuisance capacity, giving rise to theft of sensitive data or, failing that, to serious invasions of the privacy of users. Several examples of attacks relying on this screen capture feature have been documented in recent years. However, there is not sufficient empirical and experimental evidence on this topic. Indeed, to the best of our knowledge, there is no dataset dedicated to screenshot-taking malware until today. The lack of datasets or common testbed platforms makes it difficult to analyse and study their behaviour in order to develop effective countermeasures. The screenshot feature is often a smart feature that does not activate automatically once the malware has infected the machine; the activation mechanisms of this function are often more complex. Consequently, a dataset which is completely dedicated to them would make it possible to better understand the subtleties of triggering screenshots and even to learn to distinguish them from the legitimate applications widely present on devices. The main purpose of this paper is to build such a dataset and analyse the behaviour of screenloggers.
KW - Spyware
KW - Screenlogger
KW - Malware
KW - Dataset
KW - Behaviour Analysis
KW - Malware Detection
KW - Screencapture
KW - Remote Access Trojan
M3 - Conference contribution
BT - International Conference on Trust, Security and Privacy in Computing and Communications (Trustcom)
PB - IEEE
T2 - IEEE TrustCom2020
Y2 - 29 December 2020 through 1 January 2021
ER -