Dynamic malware analysis of phishing emails
Document Type
Conference Proceeding
Source of Publication
2018 9th International Conference on Information and Communication Systems, ICICS 2018
Publication Date
5-4-2018
Abstract
© 2018 IEEE. Malicious software, or malware, is one of the most significant dangers facing the Internet today. In the fight against malware, users depend on anti-malware and anti-virus products to proactively detect threats before damage is done. Those products rely on static signatures obtained through malware analysis. Unfortunately, malware authors are always one step ahead in avoiding detection. This research deals with dynamic malware analysis, which emphasizes how the malware behaves after execution and what changes to the operating system, registry and network communication take place. Dynamic analysis opens the door to automatic generation of anomaly and active signatures based on the new malware's behavior. The research includes the design of a honeypot to capture new malware and a complete dynamic analysis laboratory setting. We propose a standard analysis methodology: preparing the analysis tools, then running the malicious samples in a controlled environment to investigate their behavior. We analyze 173 recent phishing emails and 45 SPIM messages in search of potentially new malware, and we present two malware samples and their comprehensive dynamic analysis.
ISBN
9781538643662
Publisher
Institute of Electrical and Electronics Engineers Inc.
Volume
2018-January
First Page
18
Last Page
24
Disciplines
Computer Sciences
Keywords
Dynamic Malware Analysis, Honeynet, Malware, Phishing Emails, Signature Generation
Recommended Citation
Qbeitah, Mohammad Abu and Aldwairi, Monther, "Dynamic malware analysis of phishing emails" (2018). All Works. 1351.
https://zuscholars.zu.ac.ae/works/1351
Indexed in Scopus
yes
Open Access
no