본문 바로가기
  • Home

The Next Generation Malware Information Collection Architecture for Cybercrime Investigation

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2020, 25(11), pp.123-129
  • DOI : 10.9708/jksci.2020.25.11.123
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science
  • Received : October 5, 2020
  • Accepted : November 2, 2020
  • Published : November 30, 2020

Ho Mook Cho 1 Chang-Su Bae 2 Jaehoon Jang 2 Sang-Yong Choi 3

1한국과학기술원
2에이펙스이에스씨
3영남이공대학교

Accredited

ABSTRACT

Recently, cybercrime has become increasingly difficult to track by applying new technologies such as virtualization technology and distribution tracking avoidance. etc. Therefore, there is a limit to the technology of tracking distributors based on malicious code information through static and dynamic analysis methods. In addition, in the field of cyber investigation, it is more important to track down malicious code distributors than to analyze malicious codes themselves. Accordingly, in this paper, we propose a next-generation malicious code information collection architecture to efficiently track down malicious code distributors by converging traditional analysis methods and recent information collection methods such as OSINT and Intelligence. The architecture we propose in this paper is based on the differences between the existing malicious code analysis system and the investigation point's analysis system, which relates the necessary elemental technologies from the perspective of cybercrime. Thus, the proposed architecture could be a key approach to tracking distributors in cyber criminal investigations.

Citation status

* References for papers published after 2022 are currently being built.

This paper was written with support from the National Research Foundation of Korea.