Agent-based Vs Agent-less Sandbox for Dynamic Behavioral Analysis
Abstract
Malicious software is detected and classified by either static analysis or dynamic analysis. In static analysis, malware samples are reverse engineered and analyzed so that signatures of malware can be constructed. These techniques can be easily thwarted through polymorphic, metamorphic malware, obfuscation and packing techniques, whereas in dynamic analysis malware samples are executed in a controlled environment using the sandboxing technique, in order to model the behavior of malware. In this paper, we have analyzed Petya, Spyeye, VolatileCedar, PAFISH etc. through Agent-based and Agentless dynamic sandbox systems in order to investigate and benchmark their efficiency in advanced malware detection.
- Publication:
-
arXiv e-prints
- Pub Date:
- March 2019
- DOI:
- 10.48550/arXiv.1904.02100
- arXiv:
- arXiv:1904.02100
- Bibcode:
- 2019arXiv190402100A
- Keywords:
-
- Computer Science - Cryptography and Security;
- Computer Science - Information Retrieval
- E-Print:
- 2018 Global Information Infrastructure and Networking Symposium (GIIS)