EVALUATING THE EFFECTIVENESS OF ANTIVIRUS EVASION TOOLS AGAINST WINDOWS PLATFORM
Despite the prevalence of cyber-crimes, information and communication technology (ICT) has become the most convenient medium of communication and information exchange. With this development, information security breaches are now one of the complex and challenging issues software developers face. Tools that were developed for penetration testing, with the purpose of raising the level of security, have also been used by malicious intruders to gain access to our devices. This paper aimed to evaluate the effectiveness of some selected antivirus (AV) evasion tools, namely Avet, Veil 3.0, PeCloak.py, Shellter, and TheFatRat, against a Windows platform. These tools were selected to test how well they can generate undetectable malware against the current best antivirus products on the market. This, in turn, revealed the AV solutions with the best performance in detecting malware with evasion capability. The paper adopted an experimental research design in a virtual lab set up with VMware Oracle VirtualBox, consisting of two machines (an attacking machine and a target machine). The results obtained indicated that software evasion ranged from 0% to 83%. Avet and PeCloak.py were the best AV evasion tools, while Kaspersky and Bitdefender appeared to be the best-performing antivirus products in detecting the malware evasion tricks.
FUDMA Journal of Sciences