Volume : II, Issue : VI, June - 2013

Virtualization Evolution For Transparent Malware Analysis

Leenu Singh, Syed Imtiyaz Hassan

Abstract :

Reverse engineering is commonly used by malware analysts to detect the runtime activities of malicious code. To study this code, security researchers are always in search of analyzers that can complete their analysis without the malware being aware of them. Hardware virtualization provided a platform to analyze malware and to protect host systems from its effects, but this technique did not remain effective for long. Malware authors started developing malicious code that could detect the environment in which it was executing, so virtualization alone could not shield analyzers by hiding their environment from the malware. There was therefore a need to create a transparent analysis system that malicious code could not detect. Security researchers have done numerous works in this field. In this paper, the authors briefly describe and compare many such techniques, but mainly focus on the transparent virtual environment designs and related technical issues of Ether and the systems based on it, such as VERA and ETHERANNOTATE, which combine hardware virtualization techniques with software emulation. Lastly, the paper highlights the previously detected loophole in Ether that rules out its successful implementation as a transparent analyzer.

DOI : 10.36106/ijsr

Cite This Article:

Leenu Singh, Syed Imtiyaz Hassan, "Virtualization Evolution For Transparent Malware Analysis", International Journal of Scientific Research, Vol : 2, Issue : 6, June 2013

