Gesellschaft für Informatik e.V.

Lecture Notes in Informatics


Sicherheit, Schutz und Zuverlässigkeit (SICHERHEIT 2012) P-195, 137-148 (2012).

Gesellschaft für Informatik, Bonn
2012


Copyright © Gesellschaft für Informatik, Bonn


PyBox - A Python sandbox

Markus Engelberth, Jan Göbel, Christian Schönbein and Felix C. Freiling

Abstract


The application of dynamic malware analysis in order to automate the monitoring of malware behavior has become increasingly important. For this purpose, so-called sandboxes are used. They provide the functionality to execute malware in a secure, controlled environment and observe its activities during runtime. While a variety of sandbox software, such as the GFI Sandbox (formerly CWSandbox) or the Joe Sandbox, is available, most solutions are closed-source. We present the design, implementation and evaluation of PyBox, a flexible and open-source sandbox written in Python. The application of a Python-based analysis environment offers the opportunity of performing malware analyses on various operating systems, as Python is available for almost every existing platform.



Gesellschaft für Informatik, Bonn
ISBN 978-3-88579-289-5


Last changed 04.10.2013 18:37:29