Academic Journals Database
Disseminating quality controlled scientific knowledge

Honeysand: An Open Source Tools based Sandbox Environment for Bot Analysis and Botnet Tracking

Author(s): Saurabh Chamotra | Rakesh Kumar Sehgal | Raj Kamal

Journal: International Journal of Computer Applications
ISSN 0975-8887

Volume: comnetcs;
Issue: 1;
Date: 2012;

Keywords: Tracking

ABSTRACT
Malware analysis is the process of determining the intent and modus operandi of a given malware sample. It is the first step in developing any preventive or defensive measure against a malware attack. The work presented in this paper focuses on dynamic malware analysis, a technique in which the malware sample is executed in a controlled environment called a sandbox and the effects of the execution at different levels of system abstraction (i.e. operating system, network, or kernel) are captured, stored and processed. In this paper we present the design details of a malware execution environment named Honeysand. The presented solution is specifically designed to meet the needs of dynamic analysis for a class of malware known as bots. Bots are a class of malware that can coordinate among themselves and create a network of infected systems under the control of a single machine called the command & control server [18]. Based on the proposed system design, we have developed a prototype system using honeypot technology as a base, with other open source tools configured over it, and used this prototype to demonstrate the effectiveness of the proposed solution.