Engelberth, MarkusGöbel, JanSchönbein, ChristianFreiling, Felix C.Suri, NeerajWaidner, Michael2018-11-192018-11-192012978-3-88579-289-5https://dl.gi.de/handle/20.500.12116/18269The application of dynamic malware analysis in order to automate the monitoring of malware behavior has become increasingly important. For this purpose, so-called sandboxes are used. They provide the functionality to execute malware in a secure, controlled environment and observe its activities during runtime. While a variety of sandbox software, such as the GFI Sandbox (formerly CWSandbox) or the Joe Sandbox, is available, most solutions are closed-source. We present the design, implementation and evaluation of PyBox, a flexible and open-source sandbox written in Python. The application of a Python based analysis environment offers the opportunity of performing malware analyses on various operating systems as Python is available for almost every existing platform.enText/Conference Paper1617-5468