An automated framework for runtime analysis of malicious executables on Linux

Igor Vurdelja, Ivan Blažić, Dragan Bojić, Dražen Drašković
2021 Telfor Journal  
One way of testing a malware detection tool is to expose it to a large number of diverse malware samples and verify its detection accuracy. During these tests, the host system must not be harmed by malware and yet be able to analyze its harmful behavior. An additional challenge is to run a large number of executables in the shortest amount of time. Advanced malware can even stop its execution when detecting a simulation. This paper presents a framework for automated malware analysis on Linux.
more » ... e proposed solution addresses these problems with parallel realistic simulations. Existing malware analysis methods are discussed, as well as technical details behind reliable execution simulations.
doi:10.5937/telfor2102087v fatcat:zaecybtlirgh7bhefsxai3kssu