Detection Strategies for COM, WMI, and ALPC-Based Multi-Process Malware.

Radu Marian Portase1,2, Andrei Marius Muntea1,2, Andrei Mermeze1,2

  • 1Computer Science Department, Technical University of Cluj Napoca, 400114 Cluj Napoca, Romania.

Sensors (Basel, Switzerland) | August 29, 2024
Summary
This summary is machine-generated.

Malicious processes can hide by spoofing benign behaviors using Component Object Model (COM) and Windows Management Instrumentation (WMI). Our system detects these attacks, identifying the true source of malicious actions with low performance impact.

Keywords:
COM, WMI, behavior detection, malware, sensor evasion

Area of Science:

  • Computer Science
  • Cybersecurity
  • Software Engineering

Background:

  • Behavioral malware detection relies on accurately attributing actions to processes.
  • Malicious actors employ sophisticated techniques to obscure their activities, including process behavior spoofing.

Purpose of the Study:

  • To investigate the use of Component Object Model (COM) and Windows Management Instrumentation (WMI) for process behavior spoofing attacks.
  • To develop and evaluate robust monitoring techniques for detecting these spoofing methods.
  • To analyze real-world malware utilizing COM, WMI, and Asynchronous Local Procedure Call (ALPC) for malicious purposes.

Main Methods:

  • Detailed analysis of COM, WMI, and Asynchronous Local Procedure Call (ALPC) internals.
  • Development and implementation of multiple functional process monitoring techniques.
  • Creation of a robust process monitoring system designed to identify spoofed actions.
  • Evaluation of monitoring techniques' strengths, weaknesses, and performance impact.

Main Results:

  • Demonstrated the feasibility of COM and WMI for creating sophisticated process behavior spoofing attacks.
  • Presented effective monitoring techniques capable of identifying spoofed malicious actions.
  • Developed a low-performance-impact monitoring system that accurately identifies the source of spoofed actions.
  • Examined real-world malware samples to understand practical exploitation of COM, WMI, and ALPC.

Conclusions:

  • COM and WMI are viable tools for advanced malware to hide malicious activities by spoofing benign process behaviors.
  • Effective monitoring systems are crucial for detecting and attributing actions in sophisticated spoofing attacks.
  • Understanding the internals of COM, WMI, and ALPC is key to developing robust cybersecurity defenses against these threats.