Automated malware analysis system and its sandbox for revealing malware's internal and external activities


Abstract

Malware has been recognized as one of the major security threats on the Internet. Previous research has mainly focused on malware's internal activity in a system. However, it is crucial that malware analysis extracts a malware's external activity toward the network so that it can be correlated with a security incident. We propose a novel way to analyze malware: focus closely on the malware's external (i.e., network) activity. A malware sample is executed on a sandbox that consists of a real machine as victim and a virtual Internet environment. Since this sandbox environment is totally isolated from the real Internet, the execution of the sample causes no further unwanted propagation. The sandbox is configurable so as to extract specific activity of malware, such as scan behaviors. We implement a fully automated malware analysis system with the sandbox, which enables us to carry out large-scale malware analysis. We present concrete analysis results obtained by using the proposed system. Copyright © 2009 The Institute of Electronics, Information and Communication Engineers.



Inoue, D., Yoshioka, K., Eto, M., Hoshizawa, Y., & Nakao, K. (2009). Automated malware analysis system and its sandbox for revealing malware’s internal and external activities. IEICE Transactions on Information and Systems, E92-D(5), 945–954. https://doi.org/10.1587/transinf.E92.D.945
