An Efficient Approach for Advanced Malware Analysis Using Memory Forensic Technique
Static analysis of malware has been laborious because it relies largely on string-searching methods. Forensic investigation of physical memory (memory forensics) gives a more complete picture of a malware sample by examining the traces it leaves in memory dumps captured while it runs on an operating system. In this study we propose an efficient and robust framework for analysing complex malware that integrates static analysis techniques with memory forensic techniques. The proposed framework was evaluated on two hundred real malware samples and achieved a 90% detection rate. These results were compared against, and verified with, the results obtained from www.virustotal.com, an online malware analysis service. Additionally, we identified the sources of many of the malware samples.
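The abstract only names the two techniques it combines. The following Python sketch is an added illustration, not the paper's framework or code: it runs a `strings`-style static pass over a constructed "executable" byte blob, keeps the strings that look like indicators (URLs, mutex names, injection-related Win32 API names; the patterns are my assumptions), then searches a constructed "memory dump" for those indicators and also reports strings that exist only at runtime, which is the kind of artefact static analysis alone cannot see. The sample bytes, the indicator categories and the detection threshold are all constructed for the example.

```python
import re
from typing import Dict, List

# Constructed sample "executable": a few embedded strings among binary filler.
# This is not a real malware sample; the indicators are invented.
SAMPLE_BINARY = (
    b"MZ\x90\x00\x03\x00\x00\x00"
    + b"\x00" * 16
    + b"Global\\sync_mutex_01\x00"            # mutex name (assumed indicator)
    + b"\x01\x02\x03"
    + b"http://203.0.113.7/update.bin\x00"    # C2/download URL (TEST-NET address)
    + b"\xff\xfe"
    + b"ab\x00"                               # too short to be reported as a string
    + b"CreateRemoteThread\x00"               # API name hinting at injection
    + b"\x00" * 8
)

# Constructed "memory dump" of the process while it runs: two of the static
# indicators reappear, plus a path that only exists at runtime (not in the file).
SAMPLE_DUMP = (
    b"\x00" * 64
    + b"Global\\sync_mutex_01\x00"
    + b"\x00" * 100
    + b"http://203.0.113.7/update.bin\x00"
    + b"\x00" * 40
    + b"C:\\Users\\Public\\dropped.exe\x00"   # runtime-only artefact
)

MIN_STRING_LEN = 4

# Assumed indicator classes; a real framework would use a far richer rule set.
INDICATOR_PATTERNS = {
    "url": re.compile(r"^https?://"),
    "mutex": re.compile(r"^Global\\"),
    "win32_api": re.compile(r"^(CreateRemoteThread|WriteProcessMemory|VirtualAllocEx)$"),
}


def extract_strings(blob: bytes, min_len: int = MIN_STRING_LEN) -> List[str]:
    """Static step: pull printable-ASCII runs of at least min_len out of a binary."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.group().decode("ascii") for m in pattern.finditer(blob)]


def classify_indicators(strings: List[str]) -> Dict[str, List[str]]:
    """Keep only the extracted strings that match an indicator class."""
    found: Dict[str, List[str]] = {kind: [] for kind in INDICATOR_PATTERNS}
    for s in strings:
        for kind, pat in INDICATOR_PATTERNS.items():
            if pat.search(s):
                found[kind].append(s)
    return found


def find_in_dump(dump: bytes, needle: str) -> List[int]:
    """Memory-forensic step: every byte offset at which needle occurs in the dump."""
    raw = needle.encode("ascii")
    offsets: List[int] = []
    idx = dump.find(raw)
    while idx != -1:
        offsets.append(idx)
        idx = dump.find(raw, idx + 1)
    return offsets


def correlate(binary: bytes, dump: bytes) -> Dict[str, List[int]]:
    """Map each static indicator that also appears in memory to its dump offsets."""
    hits: Dict[str, List[int]] = {}
    for values in classify_indicators(extract_strings(binary)).values():
        for value in values:
            offsets = find_in_dump(dump, value)
            if offsets:
                hits[value] = offsets
    return hits


def runtime_only_strings(binary: bytes, dump: bytes) -> List[str]:
    """Strings present in the memory dump but absent from the file on disk."""
    static = set(extract_strings(binary))
    return [s for s in extract_strings(dump) if s not in static]


def verdict(hits: Dict[str, List[int]], threshold: int = 2) -> bool:
    """Assumed decision rule: flag the sample when enough static indicators recur in memory."""
    return len(hits) >= threshold


if __name__ == "__main__":
    hits = correlate(SAMPLE_BINARY, SAMPLE_DUMP)
    for indicator, offsets in hits.items():
        print(f"{indicator!r} seen in memory at offsets {offsets}")
    print("runtime-only strings:", runtime_only_strings(SAMPLE_BINARY, SAMPLE_DUMP))
    print("malicious:", verdict(hits))
```

The split mirrors the abstract's argument: the static pass yields candidate indicators cheaply, the memory pass confirms which of them are actually live in the running process and surfaces artefacts (here a dropped-file path) that never existed in the on-disk image.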