Malware Analysis: Environment Design and Architecture

by Adrian Sanabria
Sept. 1, 2017 SANS Institute threats/vulnerabilities

At the software level, tools and methods for analyzing, detecting, and disabling malware have been documented and employed for several years now. However, the design and architecture of malware analysis environments are not often discussed publicly. To be sure, commercial antivirus vendors and high-profile researchers most likely use highly customized and specialized environments to explore the goals and inner workings of malware quickly and efficiently. The average security researcher or analyst, however, rarely experiments beyond using an isolated virtual machine to quarantine a virus or trojan and contain its malicious behavior.