TY - JOUR
KW - cyber threat intelligence
KW - dynamic analysis
KW - malware analysis
KW - malware intelligence
KW - static analysis
AU - Cagatay Yucel
AU - Adam Lockett
AU - Ioannis Chalkias
AU - Dimitrios Mallis
AU - Vasilios Katos
AB -

Malware is the instrument that delivers the decisive blow in cyber-attacks. Newly introduced or updated malware can remain undetected and stealthy until the attackers achieve their objectives. Information about malware and its use needs to be shared with other entities that are protecting their infrastructure from the same or similar threats. Malware intelligence can be critical in a rapidly changing threat landscape, allowing entities to respond to incidents in a successful and timely manner. We introduce the Malware Analysis and Intelligence Tool, a tool that uses state-of-the-art malware analysers (static and dynamic), combined with open-source malware databases, to provide a malware signature and an intelligence report that is collected from publicly available cyber threat intelligence sources. The tool can be used to obtain chronological data for a malicious file and related vulnerabilities, and to support attribution and the identification of techniques, tactics and procedures when the file is used in attacks by Advanced Persistent Threat groups.

BT - Information & Security: An International Journal
DO - https://doi.org/10.11610/isij.5024
IS - 1

PY - 2021
SP - 49
EP - 65
T2 - Information & Security: An International Journal
TI - MAIT: Malware Analysis and Intelligence Tool
VL - 50
ER -