Malware Analysis: Virtual Network Configuration and Process Development

As more data and business operations are being managed through computational infrastructure, maintaining defenses against malicious software, or malware, is becoming more important. Malware attacks are continuing to evolve so quickly that some industries may find it helpful to manage investigation into malware targeting their devices in-house. This project outlines the development of a secure virtual environment, designed to provide a place to conduct malware analysis which will garner details into the purpose of the malware and the vulnerabilities of the target’s system which are being exploited. Additionally, the creation of a comprehensive tutorial was a part of this project, allowing interested parties to duplicate the environment. In order to ensure security, the project includes a series of documents outlining standard operating procedures which cover operator-based responsibilities and change controls. While additional technologybased controls would limit the burden of maintaining an isolated virtual network for the user, the current infrastructure maintains a network which successfully limits the scope and effectiveness of any malicious software being tested. Having the ability to analyze malicious artifacts in-house can provide institutions with a comprehensive understanding of their system’s vulnerabilities, providing them with helpful knowledge which can be used to create valuable defenses against future attacks. Organizations will also be gaining an understanding of which file locations have been accessed and what data may have been compromised. This allows for organizations to be able to responsibly address the actual results of the attack.