期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2015
卷号:9
期号:10
页码:165-176
DOI:10.14257/ijsia.2015.9.10.15
出版社:SERSC
摘要:The number of malwares has been consistently growing for several years and the working platform of them was diversified. To analyze these malwares, an analyst uses automated investigation tools as sandbox. However, current malwares apply the various techniques to avoid the detection of the sandbox. Especially, it is hard to be analyzed when the malicious behavior is triggered by user events. In this paper, we propose methods to enter malicious behavior routine in the sample malware codes, which is happened during the virtual execution in the sandbox in order to perform the analysis of malware. We design the methods as the user action event generator using fuzzing. The malicious behaviors triggered by the generator are exported to the sandbox report as API list. We show the result of the event generator.
