Toward automated dynamic malware analysis using CWSandbox

IEEE Security and Privacy

Volumn 5, Issue 2, 2007, Pages 32-39

  Willems, Garsten ^a   Holz, Thorsten ^a   Freiling, Felix ^a  

^a UNIVERSITY OF MANNHEIM   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

CODES (SYMBOLS); COMPUTER SIMULATION; SOFTWARE ENGINEERING; SUPERVISORY AND EXECUTIVE PROGRAMS;

API FUNCTIONS; DYNAMIC MALWARE ANALYSIS; IN-LINE OVERWRITING TECHNIQUE;

PROGRAM DEBUGGING;

EID: 34047110218     PISSN: 15407993     EISSN: None     Source Type: Journal    
DOI: 10.1109/MSP.2007.45     Document Type: Review

References (3)

1. I. Ivanov, "API Hooking Revealed," The Code Project, 2002; www.codeproject.com/system/hooksys.asp.
2. Holy Father, "Hooking Windows API - Technics of Hooking API Functions on Windows," CodeBreakers J., vol. 1, no. 2, 2004; www.secure-software-engineering.com/index.php?option=com_content&task= view&id=54&Itemid=27.
3. P. Baecher et al., "The Nepenthes Platform: An Efficient Approach to Collect Malware," Prof. 9th Int'l Symp. Recent Advances in Intrusion Detection (RAID 06), LNCS 4219, Springer-Verlag, 2006, pp. 165-184.