Automatic Creation of Forensic Indicators with Cuckoo Sandbox and Its Application


KIPS Transactions on Computer and Communication Systems, Vol. 5, No. 11, pp. 419-426, Nov. 2016
DOI: 10.3745/KTCCS.2016.5.11.419
Keywords: Incident Response, Indicators of Compromise (IOC), Digital Forensic, Cuckoo Sandbox
Abstract

As the threat of cyber incidents continues to grow, the need for Indicators of Compromise (IOC) is increasing, both to identify the cause of incidents and to share it for quick response to similar incidents. However, only a few companies use IOC domestically, and research on the application of IOC is deficient compared to foreign countries. This paper therefore suggests a quick and standardized way to create IOC automatically from the malware analysis results of Cuckoo Sandbox, together with its application.



Cite this article
[IEEE Style]
K. B. Gu, Y. J. Seong, L. M. Wook and L. S. Jin, "Automatic Creation of Forensic Indicators with Cuckoo Sandbox and Its Application," KIPS Transactions on Computer and Communication Systems, vol. 5, no. 11, pp. 419-426, 2016. DOI: 10.3745/KTCCS.2016.5.11.419.

[ACM Style]
Kang Boong Gu, Yoon Jong Seong, Lee Min Wook, and Lee Sang Jin. 2016. Automatic Creation of Forensic Indicators with Cuckoo Sandbox and Its Application. KIPS Transactions on Computer and Communication Systems, 5, 11, (2016), 419-426. DOI: 10.3745/KTCCS.2016.5.11.419.