Attack Process

Malware Analysis Framework from Static to Dynamic Analysis

ABSTRACT

Today, malicious software on networks is the major threat to internet security. Analysis of the malicious software is a multi-step process that can provide insight into its structure, functionality and behaviour that can be used to create an antidote. This paper focuses on how the analysis of malicious software can be used and how details of events gathered from an infected system can be used to detect a new infection. This strategy makes it possible to detect an infection on a honeypot that has been deployed to detect zero-day attacks. This paper demonstrates the steps taken in the analysis of malicious software from static to dynamic analysis, then the same methodology is used to analyse an infection on the honeypot. The paper concludes with an explanation of the difference between the static and dynamic analysis of malicious code. 

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.234.6664
  • jiw@gbpts.com