Abstract
Malware has become the centerpiece of most security threats on the Internet. Malware analysis is an essential technology that extracts the runtime behavior of malware, and supplies signatures to detection systems and provides evidence for recovery and cleanup. The focal point in the malware analysis battle is how to detect versus how to hide a malware analyzer from malware during runtime. State-of-the-art analyzers reside in or emulate part of the guest operating system and its underlying hardware, making them easy to detect and evade. In this paper, we propose a transparent and external approach to malware analysis, which is motivated by the intuition that for a malware analyzer to be transparent, it must not…
Citation impact
- FWCI
- 45.19
- Percentile
- 100%
- References
- 36
Authors
4- ADArtem DinaburgCorresponding
Georgia Institute of Technology
- PRPaul Royal
Georgia Institute of Technology
- MSMonirul Sharif
Georgia Institute of Technology
- WLWenke Lee
Georgia Institute of Technology
Topics & keywords
- Malware
- Computer science
- Malware analysis
- Cryptovirology
- Spectrum analyzer
- Virtualization
- Software
- Computer security