TY - JOUR
T1 - STATOS: A portable tool for secure malware analysis and sample acquisition in low resource environments
AU - Cameron, Alexander
AU - Alam, Abu
AU - Anjum, Nasreen
AU - Khan, Javed Ali
AU - Mylonas, Alexios
N1 - © 2025 The Author(s). Published by Elsevier Inc. This is an open access article distributed under the Creative Commons Attribution License (CC BY), https://creativecommons.org/licenses/by/4.0/
PY - 2025/4/1
Y1 - 2025/4/1
N2 - Malware poses a significant security threat to organisations worldwide, particularly in environments with limited resources. Static analysis has emerged as a crucial technique for gaining insights into malware, but it often requires specialised hardware and software, which can be a barrier for organisations facing financial or supply constraints. To address these challenges, this study presents a Static-Analysis Operating System (StatOS), a portable Linux derivative operating system designed for static malware analysis. StatOS can be executed from a USB device, allowing organisations to perform efficient, user-friendly, and secure malware analysis even on underpowered hardware. This study contributes a practical solution to field analysis of malware within low-resource environments, providing a model and requirement data for future developments in portable cybersecurity tools. The tool was validated through a combination of expert feedback using the Delphi method and security assessments, including Monte-Carlo simulations and Common Vulnerabilities and Exposures (CVE) evaluations. Results indicate that StatOS meets and exceeds key performance requirements, with 100% of surveyed cyber specialists agreeing on its effectiveness, and 80% indicating they would use StatOS in forensic investigations.
AB - Malware poses a significant security threat to organisations worldwide, particularly in environments with limited resources. Static analysis has emerged as a crucial technique for gaining insights into malware, but it often requires specialised hardware and software, which can be a barrier for organisations facing financial or supply constraints. To address these challenges, this study presents a Static-Analysis Operating System (StatOS), a portable Linux derivative operating system designed for static malware analysis. StatOS can be executed from a USB device, allowing organisations to perform efficient, user-friendly, and secure malware analysis even on underpowered hardware. This study contributes a practical solution to field analysis of malware within low-resource environments, providing a model and requirement data for future developments in portable cybersecurity tools. The tool was validated through a combination of expert feedback using the Delphi method and security assessments, including Monte-Carlo simulations and Common Vulnerabilities and Exposures (CVE) evaluations. Results indicate that StatOS meets and exceeds key performance requirements, with 100% of surveyed cyber specialists agreeing on its effectiveness, and 80% indicating they would use StatOS in forensic investigations.
KW - Cyber attacks
KW - Cyber security
KW - Malware analysis
KW - Static analysis
UR - http://www.scopus.com/inward/record.url?scp=105001833860&partnerID=8YFLogxK
U2 - 10.1016/j.array.2025.100391
DO - 10.1016/j.array.2025.100391
M3 - Article
AN - SCOPUS:105001833860
SN - 2590-0056
VL - 26
SP - 1
EP - 15
JO - Array
JF - Array
M1 - 100391
ER -