Design and prototyping of framework for automated continuous malware collection and analysis

Keiji Takeda, Masayoshi Mizutani

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this paper, design of a framework for malware collection and analysis is described. The framework enables researchers to collect malware samples for analysis continuously, to develop counter measures and to generate pattern signatures for detection. By using this framework security analysts and operators are able to minimize their workload. Five components of malware collection unit, malware database, dynamic analysis unit, static analysis unit, signature generation and response unit have been developed and with certain level of manual operation these units are functional and are able to reduce workload of analysts for counter malware activities. Functionality to manage resources for integrated units such as virtual machines, virtual networks etc is being developed. Development of automated generation of signature would be key for this solution. An approach which compare network traffic generated by machines with malicious executable running and innocent network traffic collected from network used in daily operation which is assumed not to include malicious traffic is proposed. Under the situation with increasing number of newly created malware development of automation and continuity of counter malware scheme has been significant issues. This proposed framework is considered possible solution for such problem in the area of computer and network security.

Original languageEnglish
Title of host publication2011 Carnahan Conference on Security Technology, ICCST 2011
DOIs
Publication statusPublished - 2011 Dec 29
Event2011 IEEE International Carnahan Conference on Security Technology, ICCST 2011 - Barcelona, Spain
Duration: 2011 Oct 182011 Oct 21

Publication series

NameProceedings - International Carnahan Conference on Security Technology
ISSN (Print)1071-6572

Other

Other2011 IEEE International Carnahan Conference on Security Technology, ICCST 2011
CountrySpain
CityBarcelona
Period11/10/1811/10/21

Keywords

  • Cyber security
  • malware protection

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Law

Fingerprint Dive into the research topics of 'Design and prototyping of framework for automated continuous malware collection and analysis'. Together they form a unique fingerprint.

  • Cite this

    Takeda, K., & Mizutani, M. (2011). Design and prototyping of framework for automated continuous malware collection and analysis. In 2011 Carnahan Conference on Security Technology, ICCST 2011 [06095922] (Proceedings - International Carnahan Conference on Security Technology). https://doi.org/10.1109/CCST.2011.6095922