Abstract | ||
---|---|---|
Virtual environment is frequently used for malware analysis. To hide their behavior, malware began to adopt virtual environment detection techniques. One of trickiest things when analyzing malware on real systems is that the operating system became unbootable due to the crash of partition and boot loader stored in the first sector of hard disk called the master boot record (MBR). It is quite time consuming to extract its MBR image from the crashed hard disk, so running malware on real system is usually considered as the last resort. In this research, we proposed a malware analysis system utilizing Emulab to extract crashed MBR images very easily. |
Year | DOI | Venue |
---|---|---|
2017 | 10.1007/978-981-10-4154-9_25 | Lecture Notes in Electrical Engineering |
Keywords | Field | DocType |
Emulab,Virtualization,Malware,Analysis automation | Master boot record,Virtualization,Crash,Booting,Virtual machine,Computer science,Automation,Malware,Operating system,Malware analysis | Conference |
Volume | ISSN | Citations |
424 | 1876-1100 | 0 |
PageRank | References | Authors |
0.34 | 2 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Gibeom Song | 1 | 0 | 0.34 |
Manhee Lee | 2 | 40 | 9.04 |