2013 Fiscal Year Final Research Report
Automatic Dynamic Analyzer for Malware by System Call Tracing using Virtualization Technology
Project/Area Number | 23500101 |
Research Category | Grant-in-Aid for Scientific Research (C) |
Allocation Type | Multi-year Fund |
Section | General |
Research Field | Computer system/Network |
Research Institution | Ritsumeikan University |
Principal Investigator | MOURI Koichi, Ritsumeikan University, College of Information Science and Engineering, Associate Professor (90313296) |
Project Period (FY) | 2011 – 2013 |
Keywords | Malware analysis / Computer security / Network security / Virtualization technology / Operating system / Endpoint security / System call trace |
Research Abstract |
Nowadays our society depends deeply on computers and networks, and it is very difficult to keep them completely safe. One major reason is that new kinds of malware appear every day. To keep them safe, we need to quickly understand what threats malware poses and then propose countermeasures against it. The goal of this research is to establish a method for quickly analyzing malware using virtualization technology. As a result, we have developed a system call tracer named Alkanet. It can perform this analysis more quickly than other methods. It is also resistant to the anti-debugging functions of malware. Furthermore, we developed various analysis tools for Alkanet that make it easy to understand what the malware does.
|