English

Agent-based Vs Agent-less Sandbox for Dynamic Behavioral Analysis

Cryptography and Security 2019-04-04 v1 Information Retrieval

Abstract

Malicious software is detected and classified by either static analysis or dynamic analysis. In static analysis, malware samples are reverse engineered and analyzed so that signatures of malware can be constructed. These techniques can be easily thwarted through polymorphic, metamorphic malware, obfuscation and packing techniques, whereas in dynamic analysis malware samples are executed in a controlled environment using the sandboxing technique, in order to model the behavior of malware. In this paper, we have analyzed Petya, Spyeye, VolatileCedar, PAFISH etc. through Agent-based and Agentless dynamic sandbox systems in order to investigate and benchmark their efficiency in advanced malware detection.

Cite

@article{arxiv.1904.02100,
  title  = {Agent-based Vs Agent-less Sandbox for Dynamic Behavioral Analysis},
  author = {Muhammad Ali and Stavros Shiaeles and Maria Papadaki and Bogdan Ghita},
  journal= {arXiv preprint arXiv:1904.02100},
  year   = {2019}
}

Comments

2018 Global Information Infrastructure and Networking Symposium (GIIS)

R2 v1 2026-06-23T08:28:21.941Z