A Survey on Automated Dynamic Malware-Analysis Techniques and Tools

Cited by: 453
Authors
Egele, Manuel [1 ]
Scholte, Theodoor [2 ]
Kirda, Engin [3 ]
Kruegel, Christopher [4 ]
Affiliations
[1] Vienna Univ Technol, A-1040 Vienna, Austria
[2] SAP Res, Sophia Antipolis, France
[3] Inst Eurecom, Sophia Antipolis, France
[4] Univ Calif Santa Barbara, Santa Barbara, CA 93106 USA
Funding
US National Science Foundation
Keywords
Security; Dynamic analysis; malware; INFORMATION;
DOI
10.1145/2089125.2089126
Chinese Library Classification
TP301 [Theory, methods]
Discipline classification code
081202
Abstract
Anti-virus vendors are confronted with a multitude of potentially malicious samples today. Receiving thousands of new samples every day is not uncommon. The signatures that detect confirmed malicious threats are mainly still created manually, so it is important to discriminate between samples that pose a new unknown threat and those that are mere variants of known malware. This survey article provides an overview of techniques based on dynamic analysis that are used to analyze potentially malicious samples. It also covers analysis programs that employ these techniques to assist human analysts in assessing, in a timely and appropriate manner, whether a given sample deserves closer manual inspection due to its unknown malicious behavior.
Pages: 42