The continued growth in number and complexity of malware is a well established fact. Malware are no longer simple pieces of code that rely on unsuspecting users to spread and thrive. They can change, adapt and hide themselves from analysts, using very sophisticated techniques. Static analysis is complex and time consuming, and it could be difficult to deduce every possible malicious behavior, yet it is often very effective because it hinders the capability of malware to detect the analysis environment. The purpose of this work is to illustrate an open web-based project the authors are developing, and to show how its results can provide valuable assistance to the phase of static analysis. The goal is to support analysts in their exploration of code features, enabling them to make more focused, statistically motivated and structured decisions.
MalwareStats: Improving Static Analysis of Modern Malware through Statistical Characterization of Samples
MELIS, ANDREA;PRANDINI, MARCO;
2017
Abstract
The continued growth in number and complexity of malware is a well established fact. Malware are no longer simple pieces of code that rely on unsuspecting users to spread and thrive. They can change, adapt and hide themselves from analysts, using very sophisticated techniques. Static analysis is complex and time consuming, and it could be difficult to deduce every possible malicious behavior, yet it is often very effective because it hinders the capability of malware to detect the analysis environment. The purpose of this work is to illustrate an open web-based project the authors are developing, and to show how its results can provide valuable assistance to the phase of static analysis. The goal is to support analysts in their exploration of code features, enabling them to make more focused, statistically motivated and structured decisions.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
