Malware Analysis and Detection in Enterprise Systems

摘要

Malware is today one of the biggest security threat to the Internet. Malware is any malicious software with the intent to perform malevolent activities on a targeted system. Viruses, worms, trojans, backdoors and adware are but a few examples that fall under the umbrella of malware. The purpose of this research is to investigate techniques that are used in order to effectively perform Malware analysis and detection on enterprise systems to reduce the damage of malware attacks on the operation of organizations. Malware analysis experiments were carried out using the two techniques of malware analysis which are Dynamic and Static analysis on two different malware samples. A Portable executable and Microsoft word document files were the two samples that were analyzed in an isolated sandbox lab environment. The results from the experiments disclosed the behavior, encryption techniques, and other techniques employed by the malware samples. The results showed that Dynamic analysis is more effective than Static analysis. The study proposes the use of both techniques for a comprehensive malware analysis and detection.