Abstract

In this paper, we advocate for publicly accessible live malware experimentation testbeds. We introduce new advancements for high-fidelity transparent emulation and fine-grain automatic containment that make such experimentation safe and useful to researchers, and we propose a complete, extensible live-malware experimentation framework. Our framework, aided by our new technologies, facilitates a qualitative leap from current experimentation practices. It enables specific, detailed and quantitative understanding of risk, and safe, fully automated experimentation by novice users, with maximum utility to the researcher. We present preliminary results that demonstrate effectiveness of our technologies and map the path forward for public live-malware experimentation.

Date

October 4, 2025

Authors

Abdulla Alwabel, Hao Shi, Genevieve Bartlett, Jelena Mirkovic

Conference

7th Workshop on Cyber Security Experimentation and Test (CSET 14)