Options
2012
Conference Paper
Title
AWESOME - Automated web emulation for secure operation of a malware-analysis environment
Abstract
We present AWESOME, a novel approach for integrated honeypot-based malware collection and analysis which extends the functionalities of existing approaches. In contrast to purely network-based approaches, the goal of our collection and analysis system is runtime retrieval of internal malware logic information. This approach allows us to provide analyzed malware with all requested resources in real time, despite the fact that it is executed within an isolated environment. Our assumption is that being able to track the entire malware execution life-cycle will enable a better understanding of current and emerging malware. This paper introduces our design, outlining its contributions and design considerations. An in-depth description and evaluation of each component will be discussed in separa te work. While still under development, we expect our approach to make a significant contribution to enhanced analysis of current malware.
Language
English