Data Collection with Honeypot Server for Reverse Engineering of Malware

Malware is any harmful code intended to harm the user. Computer malware is a type of threat that is designed to infiltrate other computers and exfiltrate sensitive user information or act destructively. In response to the growing number of malicious programs, the field of malware analysis is emerging. Malware can be collected by implementing honeypot servers and analyzed using reverse engineering tools and techniques. Honeypot servers can be categorized by their purpose and level of interactivity. The data collected by the honeypot server can be categorized as: connection data, malicious scripts, and malware. By analyzing gathered information and focusing on the reverse engineering of malware, insight will be provided into the functioning of the malicious programs and how to prevent their operation and further spread. Reverse engineering can be divided into two types of analysis – static and dynamic malware analysis. Static analysis is a method in which the malware sample is not executed, while the purpose of dynamic analysis is to monitor the changes caused by the malware after execution. The collected information serves to improve and develop cybersecurity strategies.