Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Information Journal Paper

Title

A SECURE ENVIRONMENT FOR BEHAVIORAL MALWARE ANALYSIS

Pages

  65-76

Abstract

In this article we propose a sandbox-based file analyzer on the client side. This analyzer environment is used to safely execute a suspicious application in order to observe its behavior and determine whether it is safe. The sandbox can also be used for behavioral modeling of malware through hands-on execution, to understand its destructive and infection patterns and to create disinfection and cleaning methods. The advantage of the proposed method is that it reduces problems in malware detection, specifically the detection of obfuscated and metamorphic malware that cannot be detected by signature-based and static analysis methods. Providing a platform for dynamic analysis is therefore the main goal of this article. The proposed sandbox can monitor and track the incoming requests of an application in both user mode and kernel mode of the operating system. This article clusters incoming requests into 8 families by performing data mining on 21000 samples of malware and benign files, and responds to them with 5 policies including logging, redirection, rejecting, cheating and emulating of system resources. Our sandbox guarantees the health of the operating system during the execution and analysis of malware. In addition, this article discusses challenges in dynamic analysis and analyzer environments and gives solutions for them. Most of the challenges concern methods of detecting and bypassing analyzer environments. Finally, this article evaluates the proposed sandbox in terms of its behavioral tracking capabilities and its usage of system resources, and compares it with some of the best-known analyzers in the world.

Cite

APA:

JAVAHERI, D., & PARSA, S. (2014). A SECURE ENVIRONMENT FOR BEHAVIORAL MALWARE ANALYSIS. JOURNAL OF ELECTRONIC AND CYBER DEFENCE, 2(3 (7)), 65-76. SID. https://sid.ir/paper/243129/en

Vancouver:

JAVAHERI D., PARSA S. A SECURE ENVIRONMENT FOR BEHAVIORAL MALWARE ANALYSIS. JOURNAL OF ELECTRONIC AND CYBER DEFENCE [Internet]. 2014;2(3 (7)):65-76. Available from: https://sid.ir/paper/243129/en

IEEE:

D. JAVAHERI and S. PARSA, “A SECURE ENVIRONMENT FOR BEHAVIORAL MALWARE ANALYSIS,” JOURNAL OF ELECTRONIC AND CYBER DEFENCE, vol. 2, no. 3 (7), pp. 65–76, 2014, [Online]. Available: https://sid.ir/paper/243129/en
