Applied Sciences (Feb 2020)

Systematic Approach to Malware Analysis (SAMA)

  • Javier Bermejo Higuera,
  • Carlos Abad Aramburu,
  • Juan-Ramón Bermejo Higuera,
  • Miguel Angel Sicilia Urban,
  • Juan Antonio Sicilia Montalvo

DOI
https://doi.org/10.3390/app10041360
Journal volume & issue
Vol. 10, no. 4
p. 1360

Abstract

Malware threats pose new challenges to analytic and reverse engineering tasks. A systematic approach to that analysis is needed, in an attempt to fully uncover their underlying attack vectors and techniques and find commonalities between them. In this paper, a method of malware analysis is described, together with a report of its application to the case of Flame and Red October. The method has also been used by different analysts to analyze other malware threats like ‘Stuxnet’, ‘Dark Comet’, ‘Poison Ivy’, ‘Locky’, ‘Careto’, and ‘Sofacy Carberp’. The method presented in this work is a systematic and methodological process of analysis, whose main objective is to acquire knowledge and gain a full understanding of a particular malware. Using the proposed method to analyze two well-known pieces of malware, ‘Flame’ and ‘Red October’, will help to understand the added value of the method.

Keywords