Honeypot-powered Malware Reverse Engineering
Honeypots, i.e. networked computer systems specially designed and crafted to
mimic the normal operations of other systems while capturing and storing
information about the interactions with the world outside, are a crucial
technology for the study of cyber threats and attacks that propagate and occur
through networks. Among them, high-interaction honeypots are considered the
most efficient because the attacker (whether automated or not) perceives
realistic interactions with the target machine. In the case of automated
attacks propagated by malware, currently available honeypots alone are not
specialized enough to allow analysis of the malware's behavior and effects on
the target system. The research presented in this paper shows how
high-interaction honeypots can be enhanced by powering them with specific
features that improve the reverse engineering activities needed to effectively
analyze captured malicious entities.