Management System for Dynamic Analysis of Malicious Software

Krzysztof Cabaj

Abstract

In recent years, one can observe an increase in the number of malicious software (malware) samples analyzed by antivirus companies. One explanation is the attackers' tactic of hiding from antivirus systems, which modifies a hostile program's form without changing its functionality. As a result, the first step of analysis is to check whether a given sample is a new threat or a modification of an existing one. Very often such a simple test can be performed automatically by a dedicated information system. The paper describes an information system that allows dynamic analysis of a malicious sample. The presented system was developed and deployed in the Institute of Computer Science, Warsaw University of Technology. During security research concerning ransomware threats, the system proved its usefulness. Additionally, the system became a knowledge base of known malware recently analyzed by our security team.
Author: Krzysztof Cabaj (II), The Institute of Computer Science
Journal series: Information Systems in Management, ISSN 2084-5537
Issue year: 2016
Vol: 5
No: 4
Pages: 473-480
Publication size in sheets: 0.5
Keywords in English: malware, ransomware, dynamic analysis, expert system
URL: http://ism.wzim.sggw.pl/wp-content/uploads/ISIM_5_4_2016.pdf
Project: Development of new algorithms in the areas of software and computer architecture, artificial intelligence and information systems and computer graphics. Project leader: Rybiński Henryk, Phone: +48 22 234 7731, start date 18-05-2015, end date 30-11-2016, II/2015/DS/1, Completed
WEiTI statutory activity
Language: en (English)
File: kcabaj_ISIM15.pdf (file archived), 166.59 KB
Score (nominal): 5
Score: Ministerial score = 5.0, 27-03-2017, ArticleFromJournal
Ministerial score (2013-2016) = 5.0, 27-03-2017, ArticleFromJournal
Citation count*: 1 (2018-02-21)

* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.