DocumentCode
2980901
Title
Malware network behavior extraction based on dynamic binary analysis
Author
Wu, Yilun ; Zhang, Bofeng ; Lai, Zhiquan ; Su, Jinshu
Author_Institution
Coll. of Comput., Nat. Univ. of Defense Technol., Changsha, China
fYear
2012
fDate
22-24 June 2012
Firstpage
316
Lastpage
320
Abstract
Malware is a tremendous threat on the Internet. Current malware analysis systems focus on listing malware behaviors, but make no mention of the malware network behaviors that result in malware's self-duplication and self-propagation on the Internet. In this paper, we present a new method to extract malware network behaviors. Our method is based on dynamic binary analysis and dynamic taint analysis. With dynamic binary analysis, we can extract the malware network behavior and the self-duplication behavior. We also present a method to catch malware self-propagation behavior by using dynamic taint analysis. Finally, we evaluate our method, and the results show that it is successful in extracting malware network behavior and identifying the malware self-duplication behavior.
Keywords
Internet; invasive software; Internet; dynamic binary analysis; dynamic taint analysis; malware network behavior extraction; malware self-propagation behavior; self-duplication behavior; tremendous threat; Electronic mail; Malware; Malware; dynamic analysis; network behavior; self-duplication; self-propagation;
fLanguage
English
Publisher
ieee
Conference_Titel
Software Engineering and Service Science (ICSESS), 2012 IEEE 3rd International Conference on
Conference_Location
Beijing
Print_ISBN
978-1-4673-2007-8
Type
conf
DOI
10.1109/ICSESS.2012.6269469
Filename
6269469