An Automated Framework for Runtime Analysis of Malicious Executables on Linux
One way of testing a malware detection tool is to expose it to a large number of diverse malware samples and verify its detection accuracy. During these tests, the host system must not be harmed by malware and yet be able to analyze its harmful behavior. An additional challenge is to run a large num...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Telecommunications Society, Academic Mind
2021-12-01
|
| Series: | Telfor Journal |
| Subjects: | |
| Online Access: |
http://journal.telfor.rs/Published/Vol13No2/Vol13No2_A5.pdf
|
| Summary: | One way of testing a malware detection tool is to expose it to a large number of diverse malware samples and verify its detection accuracy. During these tests, the host system must not be harmed by malware and yet be able to analyze its harmful behavior. An additional challenge is to run a large number of executables in the shortest amount of time. Advanced malware can even stop its execution when detecting a simulation. This paper presents a framework for automated malware analysis on Linux. The proposed solution addresses these problems with parallel realistic simulations. Existing malware analysis methods are discussed, as well as technical details behind reliable execution simulations. |
|---|---|
| ISSN: | 1821-3251 |