Presentation | 2007-07-20 Exploring the required conditions for malware to run for behavior analysis Yuji HOSHIZAWA, Kouichirou OKADA, Motoaki YAMAMURA, Takayoshi SHIIGI |
---|---|
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | As a way of knowing the host or behavior of malware on the network, we run malware in an isolated environment that does not affect other systems and monitor its behavior; this is called dynamic analysis. It is relatively easy to set up and yields a certain level of results quickly, because there are many tools that record access to the registry or files and capture network traffic. However, it is far from easy to analyze malware that works under specific conditions, such as malware that changes its processing depending on the time and date or the day of the week, or that works only when particular files are present. In this paper, we consider a way of exploring the required conditions of malware automatically, to reduce analysis time and to improve the accuracy of the results of dynamic analysis. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Malware / Bot / Required conditions / Automation |
Paper # | ISEC2007-53 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2007/7/13 (1 day) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Exploring the required conditions for malware to run for behavior analysis |
Sub Title (in English) | |
Keyword(1) | Malware |
Keyword(2) | Bot |
Keyword(3) | Required conditions |
Keyword(4) | Automation |
1st Author's Name | Yuji HOSHIZAWA |
1st Author's Affiliation | SecureBrain Corporation |
2nd Author's Name | Kouichirou OKADA |
2nd Author's Affiliation | SecureBrain Corporation |
3rd Author's Name | Motoaki YAMAMURA |
3rd Author's Affiliation | SecureBrain Corporation |
4th Author's Name | Takayoshi SHIIGI |
4th Author's Affiliation | Japan Computer Emergency Response Team Coordination Center |
Date | 2007-07-20 |
Paper # | ISEC2007-53 |
Volume (vol) | vol.107 |
Number (no) | 141 |
Page | pp.pp.- |
#Pages | 5 |
Date of Issue |