Studying malware in an isolated network sandbox / Mathieu Couture & Frédéric Massicotte. : Co24-3/8-2009-2E-PDF
"A sandbox is a software tool allowing the safe monitoring of the execution of malicious software (malware), or more generally, programs that cannot be trusted. Most of the time, a sandbox is implemented in a virtual machine or a simulated operating system and allows to study the behavior of the program from the host's point of view. Over the years, we have developed a suite of tools that we came to consider as a network sandbox, i.e. a sandbox that allows us the study of a program's behavior from the network perspective. In this paper, we present results from a specific experiment conducted in our network sandbox using various malware samples. We believe that a network sandbox brings helpful information which, combined with the information brought by a host sandbox, provides a more complete view of the mechanisms that are taking place during the execution of malware"--Abstract.
Lien permanent pour cette publication :
publications.gc.ca/pub?id=9.891671&sl=1
| Ministère/Organisme |
|
|---|---|
| Titre | Studying malware in an isolated network sandbox / Mathieu Couture & Frédéric Massicotte. |
| Titre de la série |
|
| Type de publication | Monographie - Voir l'enregistrement principal |
| Langue | [Anglais] |
| Format | Texte numérique |
| Document électronique | |
| Note(s) |
|
| Information sur la publication |
|
| Auteur / Contributeur |
|
| Description | 1 online resource (8 pages) : illustrations. |
| Numéro de catalogue |
|
| Descripteurs |
Demander des formats alternatifs
Pour demander une publication dans un format alternatif, remplissez le formulaire électronique des publications du gouvernement du Canada. Utilisez le champ du formulaire «question ou commentaire» pour spécifier la publication demandée.Détails de la page
- Date de modification :