Bilkent University
Department of Computer Engineering
S E M I N A R


Stealth Sandbox Analysis of Malware


Ömer Sezgin Uğurlu
MSc. Student
Computer Engineering Department
Bilkent University

Malware is one of the biggest problems of the world of bits and bytes. Generally, malware does things a user normally would not do, such as making the machine part of a virtual army or submitting the user's confidential data to the malware author. There are publicly available free analysis services for unknown binaries. Sandbox analysis is performed by executing an untrusted binary in an isolated environment, and it is a very common technique in malware research. Publicly available sandbox analysis platforms help users see traces of the execution without harming their own systems. They also help the owners of the sandbox collect malware and ease the job of analysts. One major problem of public sandbox testing is that malware authors can also benefit from analysis sandboxes: if they can identify that they are running inside a sandbox, they can hide their malicious behaviour. This thesis presents the Anubis detection methods already in public use, other possible detection mechanisms, and our efforts to hide the fingerprint of Anubis from malware and thereby decrease the false negative rate of malware detection.


DATE: 28 August 2009, Friday @ 10:40
PLACE: EA 409