Basic dynamic malware analysis techniques

Dynamic analysis studies a program as it executes. Tools of the trade are debuggers, function call tracers, machine emulators, logic analysers, network sniffers and basic utilities. The advantage of dynamic analysis is that it can be fast and accurate: it records what the code actually did, rather than what an analyst reasons it might do. Its disadvantage is that "what you see is all you get": only the paths that were actually executed during the run are observed. Just as the behaviour of a non-trivial program cannot in general be predicted without running it, there is no general way to force a non-trivial program down every path through its code, so a branch guarded by a condition the run never satisfies (a date, a hostname, a command from a server, a check for a sandbox) leaves its code unobserved.
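As an added example (not code from the page or from the lecture it cites), the following Python program is a minimal function-call tracer, the equivalent of the call tracers and debuggers listed above, run over a constructed stand-in for a sample whose payload is gated on its environment. The sample, its `is_sandbox` check, the environment dictionaries and the function names are all assumptions made for illustration; the point demonstrated is that a run only reveals the functions it actually reached, so the tracer sees `payload` only when the sample is run outside a sandbox-looking environment.

```python
"""Added example (not from the page): a minimal function-call tracer run over a
constructed, environment-gated sample. Shows the "what you see is all you get"
limitation of dynamic analysis: a run reveals only the code it reached."""
import sys


# --- constructed sample (hypothetical stand-in for a real malware binary) ---

def is_sandbox(env):
    """Crude sandbox check of the kind real samples use to gate their payload."""
    hostname = env.get("hostname", "").lower()
    return hostname.startswith("sandbox") or env.get("cpus", 1) < 2


def benign_behaviour():
    return "show-decoy-document"


def payload():
    # In a real sample this is where persistence and C2 beaconing would live.
    return "drop-second-stage"


def sample_main(env):
    if is_sandbox(env):
        return benign_behaviour()
    return payload()


# Every function the sample contains; a static pass over the code would list these.
SAMPLE_FUNCTIONS = frozenset({"sample_main", "is_sandbox", "benign_behaviour", "payload"})


# --- tracer ---

class CallTracer:
    """Record the name of every Python function entered while tracing is active."""

    def __init__(self):
        self.calls = []

    def _on_event(self, frame, event, arg):
        # Only record frames defined in this module so library internals stay out.
        if event == "call" and frame.f_globals is globals():
            self.calls.append(frame.f_code.co_name)
        return None  # no per-line tracing; 'call' events still arrive for new frames

    def run(self, fn, *args):
        sys.settrace(self._on_event)
        try:
            return fn(*args)
        finally:
            sys.settrace(None)


def trace_run(env):
    """Run the sample once under the tracer; return (result, ordered call list)."""
    tracer = CallTracer()
    result = tracer.run(sample_main, env)
    return result, tracer.calls


def unexercised(call_lists):
    """Functions never reached across the recorded runs: what dynamic analysis missed."""
    seen = set()
    for calls in call_lists:
        seen.update(calls)
    return SAMPLE_FUNCTIONS - seen


if __name__ == "__main__":
    # Constructed environments: a sandbox-looking VM and a realistic victim host.
    runs = []
    for env in ({"hostname": "sandbox-01", "cpus": 1}, {"hostname": "DESKTOP-7F3K", "cpus": 8}):
        result, calls = trace_run(env)
        runs.append(calls)
        print(env, "->", result, calls)
    print("never executed in the sandbox run alone:", sorted(unexercised(runs[:1])))
    print("never executed across both runs:", sorted(unexercised(runs)))
```

Run stand-alone, the sandbox-like environment produces the call list `sample_main, is_sandbox, benign_behaviour` and leaves `payload` in the unexercised set; only the second environment reaches it. A real call tracer (ltrace, strace, a debugger breakpoint log) has exactly the same blind spot, which is why a sandbox run is combined with static analysis or with repeated runs under varied environments.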

A college lecture at City College San Francisco by Sam Bowne, based on chapters 2 and 3 of "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software" by Michael Sikorski and Andrew Honig (ISBN-10: 1593272901).

  • Last modified: 2018/07/11 16:04