Research Article
Osiris: A Malware Behavior Capturing System Implemented at Virtual Machine Monitor Layer
Table 3
Comparison of Osiris with other online sandboxes.
| | | Osiris | Anubis | CFISandbox | Norman Sandbox |
| | Supported file format | PE; pdf, office files; ink; html; eml | PE; URL | exe | exe | | Monitoring spawned processes | ✓ | ✓ | ✓ | × | | Automatic execution of the released file and created service if they are not executed | ✓ | × | × | × | | API calls at different layer | ✓ | ✓ | ✓ | ✓ | | Simulated network service | ✓ | × | × | ✓ | | Internet access (filtered) | × | ✓ | ✓ | ✓ | | Host events simulation | ✓ | × | × | × |
|
|
