Agent-based vs agent-less sandbox for dynamic behavioral analysis

Muhammad Ali, Stavros Shiaeles, Maria Papadaki, Bogdan V. Ghita

Research output: Chapter in Book/Report/Conference proceedingConference contribution

167 Downloads (Pure)

Abstract

Malicious software is detected and classified by either static analysis or dynamic analysis. In static analysis, malware samples are reverse engineered and analyzed so that signatures of malware can be constructed. These techniques can be easily thwarted through polymorphic, metamorphic malware, obfuscation and packing techniques, whereas in dynamic analysis malware samples are executed in a controlled environment using the sandboxing technique, in order to model the behavior of malware. In this paper, we have analyzed Petya, Spyeye, VolatileCedar, PAFISH etc.Through Agent-based and Agentless dynamic sandbox systems in order to investigate and benchmark their efficiency in advanced malware detection.

Original languageEnglish
Title of host publication2018 Global Information Infrastructure and Networking Symposium, GIIS 2018
PublisherIEEE
Number of pages5
ISBN (Electronic)978-1-5386-7272-3
ISBN (Print)978-1-5386-7273-0
DOIs
Publication statusPublished - 7 Feb 2019
Event2018 Global Information Infrastructure and Networking Symposium - Thessaloniki, Greece
Duration: 23 Oct 201825 Oct 2018

Publication series

Name2018 Global Information Infrastructure and Networking Symposium, GIIS 2018
PublisherIEEE
ISSN (Print)2379-3783
ISSN (Electronic)2150-329X

Conference

Conference2018 Global Information Infrastructure and Networking Symposium
Abbreviated titleGIIS 2018
Country/TerritoryGreece
CityThessaloniki
Period23/10/1825/10/18

Keywords

  • Cuckoo
  • Dynamic analysis
  • Malware detection
  • Static analysis
  • VMRay

Fingerprint

Dive into the research topics of 'Agent-based vs agent-less sandbox for dynamic behavioral analysis'. Together they form a unique fingerprint.

Cite this