Comparison of Static and Dynamic Methods on Malware Analysis
Fabion Walden
Malware analysis is essential in cybersecurity, enabling the detection and classification of malicious software to develop effective defense mechanisms. This study compares two primary approaches: static and dynamic analysis. Static analysis inspects a program’s code, structure, and signatures without execution, making it efficient for identifying known threats but vulnerable to obfuscation techniques. Dynamic analysis, on the other hand, observes malware behavior in a controlled environment, providing deeper insights into real-time execution patterns at the cost of higher resource consumption.
Using an experimental research approach, this study systematically analyzes multiple malware types, including trojans, ransomware, rootkits, and bind shells, within a controlled virtual environment. The evaluation assesses detection accuracy, efficiency, and resilience against evasion techniques. Results show that static analysis offers fast and lightweight detection for known threats, while dynamic analysis is more effective against evolving and obfuscated malware.
By leveraging the strengths of both methods, this research highlights the benefits of a hybrid approach to malware detection. Future efforts should focus on optimizing dynamic analysis for scalability and enhancing static analysis to counter obfuscation, ultimately improving malware defense strategies.
Dr. Mengjun Xie