Dragonfly: next generation sandbox

Berni, Simone (2020) Dragonfly: next generation sandbox. [Master's degree thesis], Università di Bologna, Degree Programme in Computer Science [LM-DM270]
Full-text documents available:
PDF document (Thesis)
Available under licence: Creative Commons: Attribution - NonCommercial - ShareAlike 4.0 (CC BY-NC-SA 4.0)

Abstract

An endless battle between malware and malware analysts is fought every day. Many analysis techniques are deployed, allowing the study of targets in a clean environment. Isolation is commonly provided by sandboxes, but it is not the only way: a new paradigm is emerging, emulation, which allows the study of targets without having to fear that the analyst's own infrastructure can be infected. Malware is detected and categorized using rules, simple regex queries that describe its behaviours and are matched against the static sample, but thanks to emulation we can move this process a step further: Dragonfly allows deeper and more precise rules that are matched during the emulation of the target, even allowing the execution of custom user functions when a rule is matched, to bring the analysis to its next step.

Document type
Degree thesis (Master's degree)
Thesis author
Berni, Simone
Thesis supervisor
Thesis co-supervisor
School
Degree programme
Track
Curriculum C: Systems and networks
Degree programme regulations
DM270
Keywords
Dragonfly, Emulation, Sandbox, Malware Analysis
Thesis defence date
15 July 2020
URI
