| Presentation | 2013-06-21 Development of Packet Forwarding Control for Dynamic Malware Analysis Using Pseudo Internet Soshi HIRONO, Kenji OHIRA, Yukiko YAMAGUCHI, Hirofumi YAMAKI, Hiroki TAKAKURA, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | In dynamic malware analysis, we cannot obtain sufficient results of malware analysis without Internet connectivity. However, if an analysis system allows unrestricted communication on the Internet, it may cause harm to external hosts. That is, the communication by a malware program which is necessary for its full function has to be allowed, while the traffic for attacking victims has to be blocked. In this research, we developed a method for adaptively forwarding packets to the real Internet or to a pseudo according to the type of traffic. In evaluation experiment using two kinds of imitative programs of malware, we confirmed that proposed system can pass necessary communication and block malicious communication with external hosts. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Malware / Dynamic Analysis / Sandbox / Internet Emulation |
| Paper # | IA2013-12,ICSS2013-12 |
| Date of Issue |
| Conference Information | |
| Committee | IA |
|---|---|
| Conference Date | 2013/6/13(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Internet Architecture(IA) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Development of Packet Forwarding Control for Dynamic Malware Analysis Using Pseudo Internet |
| Sub Title (in English) | |
| Keyword(1) | Malware |
| Keyword(2) | Dynamic Analysis |
| Keyword(3) | Sandbox |
| Keyword(4) | Internet Emulation |
| 1st Author's Name | Soshi HIRONO |
| 1st Author's Affiliation | Graduate School of Information Science, Nagoya University() |
| 2nd Author's Name | Kenji OHIRA |
| 2nd Author's Affiliation | Graduate School of Information Science, Nara Institute of Science and Technology |
| 3rd Author's Name | Yukiko YAMAGUCHI |
| 3rd Author's Affiliation | Information Technology Center, Nagoya University |
| 4th Author's Name | Hirofumi YAMAKI |
| 4th Author's Affiliation | School of Information Environment, Tokyo Denki University |
| 5th Author's Name | Hiroki TAKAKURA |
| 5th Author's Affiliation | Information Technology Center, Nagoya University |
| Date | 2013-06-21 |
| Paper # | IA2013-12,ICSS2013-12 |
| Volume (vol) | vol.113 |
| Number (no) | 94 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |