Sciweavers

SAC
2010
ACM

Improving the efficiency of dynamic malware analysis

13 years 11 months ago
Improving the efficiency of dynamic malware analysis
Each day, security companies see themselves confronted with thousands of new malware programs. To cope with these large quantities, researchers and practitioners alike have developed dynamic malware analysis systems. These systems automatically execute a program in a controlled environment and produce a report describing the program's behavior. During the last three years, the number of malware programs appearing each day has increased by a factor of ten, and this number is expected to continue to grow. To keep pace with these developments without causing even more hardware costs for operating dynamic analysis systems, we have developed a technique that drastically reduces the overall analysis time. Our solution is based on the insight that the huge number of new malicious files is due to mutations of only a few malware programs. To save analysis time, we suggest a technique that avoids performing a full analysis of the same polymorphic file multiple times. In an experiment condu...
Ulrich Bayer, Engin Kirda, Christopher Kruegel
Added 06 Dec 2010
Updated 06 Dec 2010
Type Conference
Year 2010
Where SAC
Authors Ulrich Bayer, Engin Kirda, Christopher Kruegel
Comments (0)