University of Detroit Mercy
Malware is any kind of program explicitly designed to cause harm, such as viruses, Trojan horses or worms. Because the amount of malware is growing exponentially, it already poses a serious security threat. Therefore, all incoming code must be analyzed in order to classify it as malware or benign software. These tests commonly combine static and dynamic analysis techniques in order to extract as much information as possible from untrusted files. Moreover, the growing number of attacks makes it impractical to manually test the thousands of suspicious files that reach antivirus laboratories every day. Against this background, the authors present an automated system for malware behaviour analysis based on emulation and simulation techniques.