A Malware Analysis and Artifact Capture Tool
| Field | Value |
| --- | --- |
| Title | A Malware Analysis and Artifact Capture Tool |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Wright, D., Stroschein, J. |
| Conference Name | 2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech) |
| ISBN Number | 978-1-5386-7518-2 |
| Keywords | artifact capture tool, Debuggers, Decompilers, Disassemblers, dynamic control, dynamic states, handwriting recognition, Human Behavior, interactive malware analysis, invasive software, Malware, malware analysis, malware artifacts, malware behavior, Metrics, Microsoft Windows, Monitoring, multiple code paths, obfuscation, obfuscation techniques, process flow, pubcrawl, Resiliency, sandbox, source code (software), static analysis, static states, Syntactics, Tools, Windows |
| Abstract | Malware authors attempt to obfuscate and hide their code in its static and dynamic states. This paper provides a novel approach to aid analysis by intercepting and capturing malware artifacts and providing dynamic control of process flow. Capturing malware artifacts allows an analyst to more quickly and comprehensively understand malware behavior and obfuscation techniques, and doing so interactively allows multiple code paths to be explored. The faster that malware can be analyzed, the quicker the systems and data compromised by it can be determined and its infection stopped. This research proposes an instantiation of an interactive malware analysis and artifact capture tool. |
| URL | https://ieeexplore.ieee.org/document/8511906 |
| DOI | 10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00063 |
| Citation Key | wright_malware_2018 |