Antivirus False-Positive Alerts, Evading Malware Detection, and Cybersecurity Issues
ABSTRACT
The continuous development of evolving malware types creates a need to study and understand how antivirus products detect and alert users. This paper investigates today’s antivirus solutions and how their false-positive alerts affect software development and the distribution process. The authors discuss and demonstrate how antivirus detection deals with bespoke applications and how this can be reversed and manipulated to evade detection, allowing the process to be used by malicious software developers. The paper also demonstrates how an undetected malicious piece of software can be developed without using advanced hiding techniques, which will also be capable of overcoming reputation-based detection systems.
AUTHORS
Senior Consultant - Penetration Tester, Sysnet Global Solutions
UK
Dr. Grigorios Fragkos, BSc, MSc, PhD. Certified TigerScheme AST and QSTM. He has been part of the CyberDefense dept. of the Hellenic Army, acting as an Information Security consultant and Penetration tester. He has a number of publications in Computer Security and Computer Forensics. He currently works for Sysnet Global Solutions as Sr. Consultant and Penetration tester.
School of Computing and Mathematics, Faculty of Business Computing and Law, University of Derby, Derby,
UK
Dr. Olga Angelopoulou, BSc, MSc, PhD, is a lecturer and the programme leader for the MSc Computer Forensic Investigation at the University of Derby. She obtained a doctorate in Computing with the title: ‘Analysis of Digital Evidence in Identity Theft Investigations’ from the University of Glamorgan. Her research interests include Digital Forensics, Identity Theft, Online Fraud, Digital Investigation Methodologies and Online Social Networking.
Information Security Research Group, Faculty of Computing, Engineering and Science, University of South Wales, Wales
UK
Mr. Konstantinos Xynos is a lecturer at the University of South Wales and holds a BSc in Software Engineering and MSc in Computer Systems Security. He is part of the Information Security Research Group where he specializes and publishes papers in computer security, network security and computer forensics.
Published In
Journal of Information Warfare