Title

Dynamic malware analysis of phishing emails

Source of Publication

2018 9th International Conference on Information and Communication Systems, ICICS 2018

Abstract

© 2018 IEEE. Malicious software or malware is one of the most significant dangers facing the Internet today. In the fight against malware, users depend on anti-malware and anti-virus products to proactively detect threats before damage is done. Those products rely on static signatures obtained through malware analysis. Unfortunately, malware authors are always one step ahead in avoiding detection. This research deals with dynamic malware analysis, which emphasizes on: how the malware will behave after execution, what changes to the operating system, registry and network communication take place. Dynamic analysis opens up the doors for automatic generation of anomaly and active signatures based on the new malware's behavior. The research includes a design of honeypot to capture new malware and a complete dynamic analysis laboratory setting. We propose a standard analysis methodology by preparing the analysis tools, then running the malicious samples in a controlled environment to investigate their behavior. We analyze 173 recent Phishing emails and 45 SPIM messages in search for potentially new malwares, we present two malware samples and their comprehensive dynamic analysis.

Document Type

Conference Proceeding

ISBN

['9781538643662']

First Page

18

Last Page

24

Publication Date

5-4-2018

DOI

10.1109/IACS.2018.8355435

Link to Full Text

Share

COinS