Honeysand: An Open Source Tools Based Sandbox Environment for Bot Analysis and Botnet Tracking
Malware analysis is a process of determining the intent and modus operandi of a given malware sample. It is the first step in process of developing any preventive or defensive measure against a malware attack. The work presented in this paper is focused on the dynamic malware analysis. Dynamic malware analysis is one of the malware analysis techniques, in which the malware sample is executed in a controlled environment called sandbox and the effects of the execution at different levels of system abstractions (I.e. operating system, network, or kernel) are captured, stored and processed. In this paper, the authors are presenting the design details of a malware execution environment named as Honeysand.