Computing Reviews
Automatic malware analysis : an emulator based approach
Yin H., Song D., Springer Publishing Company, Incorporated, New York, NY, 2013. 82 pp. Type: Book (978-1-461455-22-6)
Date Reviewed: May 23 2013

Malware refers to software written with malicious intent. It is virtually impossible to use a computer these days without being affected by this problem and spending significant effort to protect against the threats it presents. The speed of innovation and development of new malware continues to increase, as does the financial cost to the Internet community. The authors of this book suggest that the speed of development has rendered traditional techniques for malware detection, analysis, and protection ineffective; they propose an automated alternative.

The authors present their architecture for dynamic binary analysis of malware. Basically, the suspect program is run in a special emulator environment, and the behavior of the code is analyzed. Chapter 1 introduces the general concepts of malware, chapter 2 explains the limitations of traditional approaches and the benefits of the proposed technique, and chapter 3 expands on the architecture of the proposed solution. Chapter 4 discusses how the fine-grained behavior of code is used to detect the presence of malware, and chapter 5 describes the authors’ approach to dynamic analysis of the code. Chapter 6 looks at analysis of the triggers in the code that activate malicious behavior. The final chapter is a general summary with concluding remarks.

The work is part of the “Springer Briefs” series, aimed at presenting short (this book is less than 100 pages) synopses on various technical topics. The authors do this quite well. Each chapter ends with a chapter summary and extensive references. There is a good table of contents, but no index (although I don’t feel one is necessary). One minor irritation is the occasional grammatical error in matching singular and plural forms that closer editing could have picked up and corrected. This does not, however, detract from the technical content.

All in all, the book presents a good concise explanation of the proposed architecture for automated detection of malware. It makes a useful little brief for quickly coming to grips with the basics of how malware works.

Reviewer: David B. Henderson
Review #: CR141238 (1308-0702)
Invasive Software (K.6.5 ... )
Invasive Software (D.4.6 ... )
Program Analysis (F.3.2 ... )
Security and Protection (K.6.5 )
