Hybrid Real-time Zero-day Malware Analysis and Reporting System

Abstract

Abstract-To understand completely the malicious intents of a zero-day malware there is really no automated way. There is no single best approach for malware analysis so it demands to combine existing static, dynamic and manual malware analysis techniques in a single unit. In this paper a hybrid real-time analysis and reporting system is presented. The proposed system integrates various malware analysis tools and utilities in a component-based architecture. The system automatically provides detail result about zero-day malware's behavior. The ultimate goal of this analysis and reporting is to gain a quick and brief understanding of the malicious activity performed by a zero-day malware while minimizing the time frame between the detection of zero-day attack and generation of a security solution. The results are paramount valuable for a malware analyst to perform zero-day malware detection and containment.