Abstract
Malware is a threat to computer users regardless of which operating system and hardware platform one is using. Android and Microsoft Windows are the most popular operating systems in terms of mobile phone and personal computer, respectively. Due to the wide use of these operating systems, threat actors have seen them as a relevant attack surface and are frequently targeting them. This has kept the analysts on their toes for quickly identifying, responding and preventing systems and infrastructure from these malicious code attacks. With the limitations in the static analysis techniques, analysts have moved to dynamic analysis of these malicious codes, which provide them with various options ranging from sandboxes to tools specifically designed for dynamic analysis. With every tool having its own limitations, the analysts are always on the lookout for the apt tools that will be best for a specific task. This research paper will analyse some of the tools used for dynamic malware analysis and compare their performance with that of the cuckoo sandbox.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
What is Malware? Forcepoint (2020) Retrieved from https://www.forcepoint.com/cyberedu/malware
RIPS: RIPS—automate security testing and manage your risks (2020). Retrieved from https://www.ripstech.com/product/tour/
Comodo News and Internet Security Information: What Is Malware Analysis? Malware Analysis Techniques (2020). https://blog.comodo.com/malware/different-techniques-for-malware-analysis/
Aslan, Ö., Samet, R.: Investigation of possibilities to detect malware using existing tools. In: 2017 IEEE/ACS 14th International Conference on Computer Systems and Applications (AICCSA), pp. 1277–1284. IEEE (2017)
Jamalpur, S., Navya, Y.S., Raja, P., Tagore, G., Rao, G.R.K.: Dynamic malware analysis using cuckoo sandbox. In: 2018 Second international conference on inventive communication and computational technologies (ICICCT), pp. 1056–1060. IEEE (2018)
Ijaz, M., Durad, M.H., Ismail, M.: Static and dynamic malware analysis using machine learning. In: 2019 16th International Bhurban Conference on Applied Sciences and Technology (IBCAST), pp. 687–691. IEEE (2019)
Infosec Resources: Static malware analysis—infosec resources (2020). Retrieved from https://resources.infosecinstitute.com/topic/malware-analysis-basics-static-analysis/
SearchSecurity: What Is Sandbox (Software Testing and Security)? (2020). Definition From Whatis.Com. Retrieved from https://searchsecurity.techtarget.com/definition/sandbox
Sihwail, R., Omar, K., Ariffin, K.A.Z.: A survey on malware analysis techniques: static, dynamic, hybrid and memory analysis. Int. J. Advan. Sci. Eng. Inform. Technol. 8(4–2), 1662 (2018)
Bermejo Higuera, J., Abad Aramburu, C., Bermejo Higuera, J.R., Sicilia Urban, M.A., Sicilia Montalvo, J.A.: Systematic approach to malware analysis (SAMA). Appl. Sci. 10(4), 1360 (2020)
Al-Rushdan, H., Shurman, M., Alnabelsi, S.: On Detection and prevention of zero-day attack using cuckoo sandbox in software-defined networks (2020)
Yin, H., Liang, Z., Song, D.: HookFinder: identifying and understanding malware hooking behaviors (2008)
Code.google.com.: Google Code Archive—long-term storage for google code project hosting (2021). Retrieved from https://code.google.com/archive/p/regshot
Docs.microsoft.com.: Process Explorer—Windows Sysinternals (2021). Retrieved from https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
Docs.microsoft.com.: Process monitor—windows sysinternals (2021). Retrieved from https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
“Cuckoo Sandbox—Automated Malware Analysis”. Cuckoosandbox.org. https://cuckoosandbox.org/
Malwarebytes Lebs: Automating malware analysis with Cuckoo Sandbox (2016). Available at: https://blog.malwarebytes.com/threat-analysis/2014/04/automating-malware-analysis-with-cuckoo-sandbox/ (Accessed: 2021)
Bai, J., Shi, Q., Mu, S.: A Malware and variant detection method using function call graph isomorphism. Security and Communication Networks (2019)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Appendix
Appendix
1 | Md5deep | 14 | IDA Pro |
2 | Strings | 15 | OllyDbg |
3 | PEiD | 16 | WinDbg |
4 | Dependency Walker | 17 | x64Dbg |
5 | PEView | 18 | Capture BAT |
6 | Resource Hacker | 19 | CFF Explorer |
7 | PE Explorer | 20 | Hexeditor |
8 | Procmon | 21 | ImportREC |
9 | Process Explorer | 22 | Memoryze |
10 | Regshot | 23 | OfficeMalScanner |
11 | Apate DNS | 24 | GMER |
12 | Inetsim | 25 | Fiddler |
13 | Wireshark | 26 | Detect It Easy (DIE) |
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Lebbie, M., Prabhu, S.R., Agrawal, A.K. (2022). Comparative Analysis of Dynamic Malware Analysis Tools. In: Dua, M., Jain, A.K., Yadav, A., Kumar, N., Siarry, P. (eds) Proceedings of the International Conference on Paradigms of Communication, Computing and Data Sciences. Algorithms for Intelligent Systems. Springer, Singapore. https://doi.org/10.1007/978-981-16-5747-4_31
Download citation
DOI: https://doi.org/10.1007/978-981-16-5747-4_31
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-5746-7
Online ISBN: 978-981-16-5747-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)