A dynamic malware analyzer against virtual machine aware malicious software
Article first published online: 29 NOV 2013
Copyright © 2013 John Wiley & Sons, Ltd.
Security and Communication Networks
Volume 7, Issue 12, pages 2245–2257, December 2014
How to Cite
2014), A dynamic malware analyzer against virtual machine aware malicious software, Security Comm. Networks, 7, 2245–2257, doi: 10.1002/sec.931, and (
- Issue published online: 27 NOV 2014
- Article first published online: 29 NOV 2013
- Manuscript Accepted: 13 OCT 2013
- Manuscript Revised: 29 JUL 2013
- Manuscript Received: 20 APR 2013
- dynamic malware analysis;
- binary instrumentation;
- anti-virtual machine techniques
Nowadays, cyber-world is being enriched by a large variety of digital information technology-based services. An increasing rate of remote and mobile usage leads to a remarkable dependency on information security. Analysis and detection of malicious software or so-called malware is a challenging task due to the introduction of advanced obfuscation techniques by malware authors. In this study, we mainly concentrate on anti-virtual machine evasion techniques to provide secure and reproducible environments for malware analysis and its implementation issues. Malwares are identified on the basis of their behaviors by taking precautions related to the anti-virtual machine detection techniques. The dynamic malware analyzer tool is deployed to execute anti-virtual machine-aware malware samples in VMware environment. Dynamic malware analyzer monitors system resources such as connections, processes, windows registry, and file operations. Success ratio of detection is tested by using public malware sets with an accuracy of 92%. The effectiveness and success of the behavior-based malware analyzer tool is exploited and current state of the art of malware detection schemes is presented. Copyright © 2013 John Wiley & Sons, Ltd.