Presentation 2022-11-21
Outsourcing Malware Dynamic Analysis without Disclosing File Contents
Keisuke Hamajima, Daisuke Kotani, Yasuo Okabe,
PDF Download Page PDF download Page Link
Abstract(in Japanese) (See Japanese page)
Abstract(in English) Malware dynamic analysis requires specialized skills. If there are no security experts in the organization and it is difficult to analyze malware, one way to get the results of the analysis is to ask an analyst outside the organization to analyze a suspicious file. However, if the file to be analyzed contains confidential information, it is undesirable to disclose the confidential information to the analyst outside the organization. In this study, we propose a method to outsource dynamic analysis. Executing a file in the local environment and keeping the file secret from the analyst. During the analysis, information about API calls and the memory pointed to by the pointers as their argument is shared with the external environment. We evaluate the effectiveness and limitations of the proposed method for evasion techniques.
Keyword(in Japanese) (See Japanese page)
Keyword(in English) Malware / Dynamic Analysis / Evasion Technique / Privacy / Hooking API calls
Paper # IA2022-44
Date of Issue 2022-11-14 (IA)

Conference Information
Committee IA
Conference Date 2022/11/21(1days)
Place (in Japanese) (See Japanese page)
Place (in English) Bandai Civic Hall (Niigata)
Topics (in Japanese) (See Japanese page)
Topics (in English) Student Sessions, etc. (cosponsored by Committee on Internet Technology)
Chair Tomoki Yoshihisa(Osaka Univ.)
Vice Chair Yusuke Sakumoto(Kwansei Gakuin Univ.) / Yuichiro Hei(KDDI Research) / Hiroshi Yamamoto(Ritsumeikan Univ.)
Secretary Yusuke Sakumoto(Osaka Univ.) / Yuichiro Hei(Kogakuin Univ.) / Hiroshi Yamamoto(Kyushu Inst. of Tech.)
Assistant Daisuke Kotani(Kyoto Univ.) / Ryo Nakamura(Fukuoka Univ.) / Ryo Nakamura(Univ. of Tokyo)

Paper Information
Registration To Technical Committee on Internet Architecture
Language JPN
Title (in Japanese) (See Japanese page)
Sub Title (in Japanese) (See Japanese page)
Title (in English) Outsourcing Malware Dynamic Analysis without Disclosing File Contents
Sub Title (in English)
Keyword(1) Malware
Keyword(2) Dynamic Analysis
Keyword(3) Evasion Technique
Keyword(4) Privacy
Keyword(5) Hooking API calls
1st Author's Name Keisuke Hamajima
1st Author's Affiliation Kyoto University(Kyoto Univ.)
2nd Author's Name Daisuke Kotani
2nd Author's Affiliation Kyoto University(Kyoto Univ.)
3rd Author's Name Yasuo Okabe
3rd Author's Affiliation Kyoto University(Kyoto Univ.)
Date 2022-11-21
Paper # IA2022-44
Volume (vol) vol.122
Number (no) IA-268
Page pp.pp.47-51(IA),
#Pages 5
Date of Issue 2022-11-14 (IA)