Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence

@inproceedings{Graziano2015NeedlesIA,
  title={Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence},
  author={Mariano Graziano and Davide Canali and Leyla Bilge and Andrea Lanzi and Davide Balzarotti},
  booktitle={USENIX Security Symposium},
  year={2015}
}
Malware sandboxes are automated dynamic analysis systems that execute programs in a controlled environment. Within the large volumes of samples submitted every day to these services, some submissions appear to be different from others, and show interesting characteristics. For example, we observed that malware samples involved in famous targeted attacks – like the Regin APT framework or the recently disclosed malwares from the Equation Group – were submitted to our sandbox months or even years…
This paper has 19 citations.

References

Publications referenced by this paper.

Watching attackers through virustotal

  • B. DIXON
  • watching-attackers-through-virustotal/,
  • 2014

Equation: The death star of malware galaxy

  • KASPERSKY GREAT TEAM
  • http://securelist.com/blog/research/68750…
  • 2015

Secret malware in european union attack linked to…

  • MORGAN MARQUIS-BOIRE, CLAUDIO GUARNIERI, AND RYAN GALLAGHER
  • 2014

Regin: Top-tier espionage tool enables stealthy surveillance

  • SYMANTEC SECURITY RESPONSE
  • http://www.symantec.com/content/en/us/enterprise…
  • 2014