Management System for Dynamic Analysis of Malicious Software

• Autorzy: Krzysztof Cabaj
• Języki publikacji: EN

Abstrakty

EN

In the recent years, one can observe the increase in the number of malicious software (malware) samples analyzed by the antivirus companies. One explanation is associated with attacker's antivirus systems hider tactic, which modifies hostile programs form, without changing it functionality. In effect, the first step of analysis is associated with the check if a given sample is a new threat or modification of existing. Very often such simple test can be performed automatically by dedicated information system. Paper describes information system, which allows dynamic analysis of malicious sample. Presented system was developed and deployed in the Institute of Computer Science, Warsaw University of Technology. During performed security research concerning ransomware threats system proves its usefulness. Additionally, the system become a knowledge base of known malware recently analyzed by our security team. (original abstract)

Słowa kluczowe

EN

Software; Dynamic analysis; Expert systems; Information system; Malware

PL

Oprogramowanie; Analiza dynamiczna; Systemy ekspertowe; System informacyjny; Szkodliwe oprogramowanie

• Czasopismo: Information Systems in Management
• Rocznik: 2016
• Tom: 5
• Numer: nr 4
• Strony: 473--480

Twórcy

autor

Krzysztof Cabaj

• Warsaw University of Technology, Poland

Bibliografia

• [1] McAffe Labs, Threats Report, May 2015, URL: www.mcafee.com/us/resources/reports/rp-quarterly-threat-q1-2015.pdf
• [2] Symantec, Internet Threat Report, April 2015, URL: https://www4.symantec.com/mktginfo/whitepaper/ISTR/21347932_GA-internet-security-threat-report-volume-20-2015-social_v2.pdf
• [3] Kharraz A., Robertson W., Balzarotti D., Bilge L., Kirda E. (2015) Cutting the Gordian Knot: A Look Under the Hood of Ransomware, 12th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Milan, Italy.
• [4] Cabaj K., Gawkowski P., Grochowski K., Osojca D. (2015) Network activity analysis of CryptoWall ransomware, Przegląd Elektrotechniczny, Vol. 91, No 11.
• [5] Cabaj K., Denis M., Buda M. (2013) Management and Analytical Software for Data Gathered from HoneyPot System, Information Systems in Management, WULS Press Warsaw, vol. 2, nr 3, 182-193.
• [6] Cabaj K., Gawkowski P. (2015) HoneyPot systems in practice, Przegląd Elektrotechniczny, Vol. 91, No 2.
• [7] Malwr.com, https://malwr.com/ (last access November 2015).
• [8] Reverse.It, http://www.reverse.it/ (last access November 2015)