File(s) under permanent embargo
A simple malware test environment
journal contributionposted on 2023-05-17, 18:46 authored by Lundie, S, Daniel RolfDaniel Rolf
Malware does not need to compromise the operating system kernel in order to provide an untrustworthy browsing experience for the user. This paper describes a simple, virtual machine-based, malware test environment built using freeware and open source software. The system was designed to allow the high-level behaviour of a piece of malware to be studied quickly and conveniently by monitoring network, process and file activity. The system proved effective when trialled against different samples of the well-known malware Zeus and was verified further by tests conducted with the commercially available anti-malware products PC-Tools and Trusteer. Although tests were conducted with variants of the Zeus malware, the techniques discussed in this paper are equally applicable to any other malware and can be used to quickly assess the effectiveness of potential anti-malware solutions. Also, the system is portable and simple, requiring only a general level of technical knowledge to operate, allowing it to be used as a convenient platform for a wide student and professional audience.
Publication titleInternational Journal of Computer and Information Technology
Department/SchoolSchool of Information and Communication Technology
Place of publicationNew Delhi, India
Rights statementCopyright 2013 International Journal of Computer and Information