An Emulator Based Approach
Malicious software (i.e., malware) has become a severe threat to interconnected computer systems for decades and has caused billions of dollars damages each year. A large volume of new malware samples are discovered daily. Even worse, malware is rapidly evolving becoming more sophisticated and evasive to strike against current malware analysis and defense systems.
Automatic Malware Analysis presents a virtualized malware analysis framework that addresses common challenges in malware analysis. In regards to this new analysis framework, a series of analysis techniques for automatic malware analysis is developed. These techniques capture intrinsic characteristics of malware, and are well suited for dealing with new malware samples and attack mechanisms.
Introduction.- Dynamic Binary Analysis Platform.- Hidden Code Extraction.- Privacy-breaching Behavior Analysis.- Hooking Behavior Analysis.- Analysis of Trigger Conditions and Hidden Behaviors.- Concluding Remarks.
From the reviews:
"The authors present their architecture for dynamic binary analysis of malware. ... The authors do this quite well. Each chapter ends with a chapter summary and extensive references. ... the book presents a good concise explanation of the proposed architecture for automated detection of malware. It makes a useful little brief for quickly coming to grips with the basics of how malware works." (David B. Henderson, Computing Reviews, May, 2013)