An Automated Framework for Runtime Analysis of Malicious Executables on Linux

I. Vurdelja; I. Blažić; D. Bojić; D. Drašković

doi:10.5937/telfor2102087V

Telfor Journal (Dec 2021)

An Automated Framework for Runtime Analysis of Malicious Executables on Linux

I. Vurdelja,
I. Blažić,
D. Bojić,
D. Drašković

Affiliations

I. Vurdelja
I. Blažić
D. Bojić
D. Drašković

DOI: https://doi.org/10.5937/telfor2102087V
Journal volume & issue: Vol. 13, no. 2
pp. 87 – 91

Abstract

Read online

One way of testing a malware detection tool is to expose it to a large number of diverse malware samples and verify its detection accuracy. During these tests, the host system must not be harmed by malware and yet be able to analyze its harmful behavior. An additional challenge is to run a large number of executables in the shortest amount of time. Advanced malware can even stop its execution when detecting a simulation. This paper presents a framework for automated malware analysis on Linux. The proposed solution addresses these problems with parallel realistic simulations. Existing malware analysis methods are discussed, as well as technical details behind reliable execution simulations.

Published in Telfor Journal

ISSN: 1821-3251 (Print); 2334-9905 (Online)
Publisher: Telecommunications Society, Academic Mind
Country of publisher: Serbia
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Telecommunication
Website: http://journal.telfor.rs

About the journal

Abstract

Keywords