Home // SECURWARE 2012 , The Sixth International Conference on Emerging Security Information, Systems and Technologies // View article

AWESOME - Automated Web Emulation for Secure Operation of a Malware-Analysis Environment

Authors:
Martin Brunner
Christian Martin Fuchs
Sascha Todt

Keywords: malware collection; malware analysis and defense.

Abstract:
We present AWESOME, a novel approach for integrated honeypot-based malware collection and analysis which extends the functionalities of existing approaches. In contrast to purely network-based approaches, the goal of our collection and analysis system is runtime retrieval of internal malware logic information. This approach allows us to provide analyzed malware with all requested resources in real time, despite the fact that it is executed within an isolated environment. Our assumption is that being able to track the entire malware execution life-cycle will enable a better understanding of current and emerging malware. This paper introduces our design, outlining its contributions and design considerations. An in-depth description and evaluation of each component will be discussed in separate work. While still under development, we expect our approach to make a significant contribution to enhanced analysis of current malware.

Pages: 68 to 71

Copyright: Copyright (c) IARIA, 2012

Publication date: August 19, 2012

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-209-7

Location: Rome, Italy

Dates: from August 19, 2012 to August 24, 2012