DocumentCode :
151808
Title :
Practical malware analysis based on sandboxing
Author :
Vasilescu, Mihai ; Gheorghe, Lucian ; Tapus, Nicolae
Author_Institution :
Comput. Sci. Dept., Univ. Politeh. of Bucharest, Bucharest, Romania
fYear :
2014
fDate :
11-13 Sept. 2014
Firstpage :
1
Lastpage :
6
Abstract :
The past years have shown an increase in both the number and sophistication of cyber-attacks targeting Windows and Linux operating systems. Traditional network security solutions such as firewalls are incapable of detecting and stopping these attacks. In this paper, we describe our distributed firewall solution Distfw and its integration with a sandbox for malware analysis and detection. We demonstrate the effectiveness and shortcomings of such a solution. We use Cuckoo to perform automated analysis of malware samples and compare the results with the ones from manual analysis. We discover that Cuckoo provides similar results in a considerable amount of time.
Keywords :
Linux; invasive software; Cuckoo; Distfw solution; Linux operating system; Windows operating system; cyber-attacks; distributed firewall solution; malware analysis; malware detection; network security solutions; sandboxing; Firewalls (computing); IP networks; Malware; Manuals; Operating systems; Servers; malware; malware analysis; network security; sandbox;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
RoEduNet Conference 13th Edition: Networking in Education and Research Joint Event RENAM 8th Conference, 2014
Conference_Location :
Chisinau
ISSN :
2068-1038
Print_ISBN :
978-1-4799-6860-2
Type :
conf
DOI :
10.1109/RoEduNet-RENAM.2014.6955304
Filename :
6955304