Additionally, this will ensure that the organization’s network and information systems can be restored and that containment measures can be rescinded. Finally, to ensure that the malware analysts are able to safely maintain and analyze a sample of the malware, they must first have the proper malware analysis environment and tools available.
2.2 Malware Analysis Techniques
There are three techniques that malware analysts can use to conduct malware analysis: static analysis, dynamic analysis, and temporal analysis. According to Sikorski and Honig (2012), static analysis involves examining the file and using a disassembler to reverse engineer the malware, while dynamic analysis involves running the malware in a safe environment and using a debugger to analyze executable malware. Temporal analysis is based on analyzing a system over time. Even though static analysis and dynamic analysis can be done separately, their effectiveness in malware analysis is increased when they are done in conjunction.
2.2.1 Static …
Malware analysts are needed more than ever to be ready to meet this threat and protect the information systems of their organizations. Additionally, it is imperative that malware data be openly shared between malware analysts to ensure their information systems and networks are hardened against identical attacks.
This document provided information regarding malware incident response policies and procedures. These policies and procedures provided an understanding of the scope of the malware incident response plan, the roles and responsibilities of the incident response team members, and the method of maintaining malware for analysis. Also, this document provided the various malware analysis techniques available and information regarding the environment and tools needed to conduct the analysis. Finally, this document provided the critical skills needed by malware analysts and other members of the malware incident response