Agent-based Vs Agent-less Sandbox for Dynamic Behavioral Analysis

Ali, Muhammad; Shiaeles, Stavros; Papadaki, Maria and Ghita, Bogdan V. 2018. 'Agent-based Vs Agent-less Sandbox for Dynamic Behavioral Analysis'. In: Global Information Infrastructure and Networking Symposium (GIIS 2018). Thessaloniki, Greece 23-25 October 2018. [Conference or Workshop Item]

1904.02100v1.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial.

Download (534kB) | Preview

Abstract or Description

Malicious software is detected and classified by either static analysis or dynamic analysis. In static analysis, malware samples are reverse engineered and analyzed so that signatures of malware can be constructed. These techniques can be easily thwarted through polymorphic, metamorphic malware, obfuscation and packing techniques, whereas in dynamic analysis malware samples are executed in a controlled environment using the sandboxing technique, in order to model the behavior of malware. In this paper, we have analyzed Petya, Spyeye, VolatileCedar, PAFISH etc. through Agent-based and Agentless dynamic sandbox systems in order to investigate and benchmark their efficiency in advanced malware detection.

Item Type:

Conference or Workshop Item (Paper)

Identification Number (DOI):

Additional Information:

This work was supported by CYBER-TRUST project, which has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement no. 786698.


Malware detection, Static analysis, Dynamic analysis, Cuckoo, VMRay

Related URLs:

Departments, Centres and Research Units:



23 October 2018Published

Event Location:

Thessaloniki, Greece

Date range:

23-25 October 2018

Item ID:


Date Deposited:

03 Mar 2020 16:39

Last Modified:

10 Jun 2021 05:36


View statistics for this item...

Edit Record Edit Record (login required)