A Malware Analysis and Artifact Capture Tool

Title: A Malware Analysis and Artifact Capture Tool
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Wright, D., Stroschein, J.
Conference Name: 2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech)
ISBN Number: 978-1-5386-7518-2
Keywords: artifact capture tool, Debuggers, Decompilers, Disassemblers, dynamic control, dynamic states, handwriting recognition, Human Behavior, interactive malware analysis, invasive software, Malware, malware analysis, malware artifacts, malware behavior, Metrics, Microsoft Windows, Monitoring, multiple code paths, obfuscation, obfuscation techniques, process flow, pubcrawl, Resiliency, sandbox, source code (software), static analysis, static states, Syntactics, Tools, Windows

Malware authors attempt to obfuscate and hide their code in its static and dynamic states. This paper provides a novel approach to aid analysis by intercepting and capturing malware artifacts and providing dynamic control of process flow. Capturing malware artifacts allows an analyst to more quickly and comprehensively understand malware behavior and obfuscation techniques, and doing so interactively allows multiple code paths to be explored. The faster that malware can be analyzed, the quicker the systems and data compromised by it can be determined and its infection stopped. This research proposes an instantiation of an interactive malware analysis and artifact capture tool.

Citation Key: wright_malware_2018