Dynamic analysis

In static analysis, the focus was on examining the potential malware in a controlled environment, either by inspecting the actual code or by looking for specific file attributes that could be compared to other sources. In dynamic analysis, the focus is on allowing the potential malware to execute within a controlled environment and observing the behaviors that the program exhibits.

Dynamic analysis affords malware researchers and incident responders several advantages. First, allowing the code to execute fully removes barriers such as encryption or other obfuscation techniques that malware coders utilize. Second, there are several automated tools that can be leveraged for dynamic analysis. ...
