Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

AWESOME - Automated web emulation for secure operation of a malware-analysis environment

: Brunner, Martin; Fuchs, Christian; Todt, Sascha

International Academy, Research, and Industry Association -IARIA-:
Proceedings of the Sixth International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2012 : August 19 - 24, 2012 - Rome, Italy
Red Hook, NY: Curran, 2012
ISBN: 978-1-61208-209-7
International Conference on Emerging Security Information, Systems and Technologies (SECURWARE) <6, 2012, Rome>
Conference Paper
Fraunhofer SIT ()
malware collection; malware analysis; malware defense

We present AWESOME, a novel approach for integrated honeypot-based malware collection and analysis which extends the functionalities of existing approaches. In contrast to purely network-based approaches, the goal of our collection and analysis system is runtime retrieval of internal malware logic information. This approach allows us to provide analyzed malware with all requested resources in real time, despite the fact that it is executed within an isolated environment. Our assumption is that being able to track the entire malware execution life-cycle will enable a better understanding of current and emerging malware. This paper introduces our design, outlining its contributions and design considerations. An in-depth description and evaluation of each component will be discussed in separa te work. While still under development, we expect our approach to make a significant contribution to enhanced analysis of current malware.