An efficient approach for advanced malware analysis using memory forensic technique

Chathuranga Rathnayaka, Aruna Jamdagni

Research output: Chapter in Book / Conference Paper › Conference Paper › peer-review

35 Citations (Scopus)

Abstract

Static analysis in malware analysis has been complex due to string searching methods. Forensic investigation of the physical memory, or memory forensics, provides a comprehensive analysis of malware, checking traces of malware in memory dumps that have been created while running in an operating system. In this study, we propose an efficient and robust framework to analyse complex malware by integrating both static analysis techniques and memory forensic techniques. The proposed framework has evaluated two hundred real malware samples and achieved a 90% detection rate. These results have been compared and verified with the results obtained from www.virustotal.com, which is an online malware analysis tool. Additionally, we have identified the sources of many malware samples.

Original language: English
Title of host publication: 2017 IEEE Trustcom/BigDataSE/ICESS: Proceedings of the 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, the 11th IEEE International Conference on Big Data Science and Engineering, and the 14th IEEE International Conference on Embedded Software and Systems, 1-4 August 2017, Sydney, Australia
Publisher: IEEE
Pages: 1145-1150
Number of pages: 6
ISBN (Print): 9781509049066
DOIs:
Publication status: Published - 2017
Event: IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Duration: 1 Aug 2017 → …

Publication series

Name:
ISSN (Print): 2324-9013

Conference

Conference: IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Period: 1/08/17 → …

Keywords

  • computer networks
  • malware (computer software)
