File(s) under permanent embargo
A simple malware test environment
journal contribution
posted on 2023-05-17, 18:46 authored by Lundie, S, Daniel RolfMalware does not need to compromise the operating system kernel in order to provide an untrustworthy browsing experience for the user. This paper describes a simple, virtual machine-based, malware test environment built using freeware and open source software. The system was designed to allow the high-level behaviour of a piece of malware to be studied quickly and conveniently by monitoring network, process and file activity. The system proved effective when trialled against different samples of the well-known malware Zeus and was verified further by tests conducted with the commercially available anti-malware products PC-Tools and Trusteer. Although tests were conducted with variants of the Zeus malware, the techniques discussed in this paper are equally applicable to any other malware and can be used to quickly assess the effectiveness of potential anti-malware solutions. Also, the system is portable and simple, requiring only a general level of technical knowledge to operate, allowing it to be used as a convenient platform for a wide student and professional audience.
History
Publication title
International Journal of Computer and Information TechnologyIssue
4Pagination
581-587ISSN
2279-0764Department/School
School of Information and Communication TechnologyPublisher
Serials PublicationsPlace of publication
New Delhi, IndiaRights statement
Copyright 2013 International Journal of Computer and InformationRepository Status
- Restricted