The authors of this paper are from many important institutes and universities, in detail:
- Manuel Egele, Vienna University of Technology
- Theodoor Scholte, SAP Research, Sophia Antipolis
- Engin Kirda, Institute Eurecom, Sophia Antipolis
- Christopher Kruegel, University of California, Santa Barbara
The following is an excerpt from the paper:
Anti-virus vendors are confronted with a multitude of potential malicious samples today. Receiving thousands of new samples every single day is nothing uncommon. As the signatures that should detect the confirmed malicious threats are still mainly created manually, it is important to discriminate between samples that pose a new unknown threat, and those that are mere variants of known malware.
This survey article provides an overview of techniques that are based on dynamic analysis and that are used to analyze potentially malicious samples. It also covers analysis programs that employ these techniques to assist a human analyst in assessing, in a timely and appropriate manner, whether a given sample deserves closer manual inspection due to its unknown malicious behavior.