Abstract
Malware stands for malicious software, which is installed on a computer system without the knowledge of the system owner. It performs malicious actions such as stealing confidential information and allowing remote code execution, and it can cause denial of service. Recently, malware creators started to publish new malware, which can bypass anti-malware software, intrusion detection systems (IDS) and sandbox execution. Due to this evasion, the protection of computer networks and computerized systems against these programs has become one of the biggest challenges in the information security realm. This paper proposes a methodology to learn the well-known malware analysis and detection tools, to implement these tools on well-known malware and benign programs and to compare the obtained results. Further, this research will suggest to users how to analyze and detect existing and unknown malware. In a test case, 100 malware and 100 benign program samples were collected from different sources and analyzed under different versions of Windows machines. The test results indicated that it is almost impossible to detect malware by only using one tool. Using static and dynamic analysis tools together increased accuracy and the detection rate. The test results also showed that dynamic malware analysis tools outperformed static analysis tools.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.