Studying malware in an isolated network sandbox / Mathieu Couture & Frédéric Massicotte.: Co24-3/8-2009-2E-PDF

"A sandbox is a software tool allowing the safe monitoring of the execution of malicious software (malware), or more generally, programs that cannot be trusted. Most of the time, a sandbox is implemented in a virtual machine or a simulated operating system and allows to study the behavior of the program from the host's point of view. Over the years, we have developed a suite of tools that we came to consider as a network sandbox, i.e. a sandbox that allows us the study of a program's behavior from the network perspective. In this paper, we present results from a specific experiment conducted in our network sandbox using various malware samples. We believe that a network sandbox brings helpful information which, combined with the information brought by a host sandbox, provides a more complete view of the mechanisms that are taking place during the execution of malware"--Abstract.

Permanent link to this Catalogue record:
publications.gc.ca/pub?id=9.891671&sl=0

Publication information
Department/Agency Communications Research Centre (Canada), issuing body.
Title Studying malware in an isolated network sandbox / Mathieu Couture & Frédéric Massicotte.
Series title CRC technical note ; no. CRC-TN-2009-02
Publication type Series - View Master Record
Language [English]
Format Electronic
Electronic document
Note(s) "Ottawa, September 25th 2009."
Digitized edition from print [produced by Innovation, Science and Economic Development Canada].
Includes bibliographical references (page 8).
Issued also in print format.
Includes abstracts in English and French.
Publishing information Ottawa : Communications Research Centre Canada = Centre de recherches sur les communications Canada, 2009.
Author / Contributor Couture, Mathieu, author.
Description 1 online resource (8 pages) : illustrations.
Catalogue number
  • Co24-3/8-2009-2E-PDF
Subject terms Computer networks -- Security measures.
Malware (Computer software)
Réseaux d'ordinateurs -- Sécurité -- Mesures.
Logiciels malveillants.
Request alternate formats
To request an alternate format of a publication, complete the Government of Canada Publications email form. Use the form’s “question or comment” field to specify the requested publication.
Report a problem or mistake on this page
Date modified: