Hypervisor-assisted dynamic malware analysis
Author affiliations: Shenkar College, Ramat Gan, Israel; Department of Software Engineering, Shamoon College of Engineering, Beer-Sheva, Israel; College of Management Academic Studies, Rishon LeTsiyon, Israel; University of Jyväskylä, Jyväskylä, Finland
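Publication: Cybersecurity (Cyberspace Security Science and Technology, English edition)
Year, volume, issue: 2021, Vol. 4, No. 1
Pages: 278-291
Core indexing:
Subject classification: 0839 [Engineering - Cyberspace Security]; 08 [Engineering]
Funding: EPT Intel Corporation Arm
Topics: dynamic analysis transparent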
Abstract: Malware analysis is a task of utmost importance in *** approaches exist for malware analysis: static and *** malware uses an abundance of techniques to evade both dynamic and static analysis *** dynamic analysis solutions either make modifications to the running malware or use a higher privilege component that does the actual *** former can be easily detected by sophisticated malware while the latter often induces a significant performance *** propose a method that performs malware analysis within the context of the OS ***, the analysis component is camouflaged by a hypervisor, which makes it completely transparent to the running OS and its *** evaluation of the system’s efficiency suggests that the induced performance overhead is negligible.