Web-Age Information Management, International Conference on (2008)
July 20, 2008 to July 22, 2008
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/WAIM.2008.44
With the development of malicious code technology, the number of malicious code has continued to increase. So it is imperative to optimize the traditional manual analysis method by automatic malicious code analysis system. This paper presents AMCAS--an automatic malicious code analysis system. It includes malicious code static analyzer, dynamic analyzer and network behavior analyzer. Compared with some existing automatic analysis systems, this system integrates the advantages of static and dynamic analysis, and imports network behavior analysis. Static analyzer can get the unpacked binary code and CallGraph; dynamic analyzer can get the host behavior of malicious code and network behavior analyzer can get the malicious network behavior profile. Experiment shows that this system can get malicious code information efficiently.
J. Wu, Y. Guan, X. Jiang, H. Duan and J. Zhang, "AMCAS: An Automatic Malicious Code Analysis System," Web-Age Information Management, International Conference on(WAIM), vol. 00, no. , pp. 501-507, 2008.