brok85 / droidbox

Automatically exported from code.google.com/p/droidbox
0 stars 1 forks source link

Droidbox's manual #15

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

Apparently Droidbox is a tool for analysis and for better understanding. I 
wonder if there is an manual for the Droidbox.

I can install and run Droidbox perfectly, however, I don't understand the log 
output and the 2 generated graph's  (behaviorsample.png & treesample.png).

Could any one explain the 2 sample graph's and the log generated for me please?

Thanks.

Original issue reported on code.google.com by m.ala...@icsl.com.au on 13 Dec 2011 at 10:09

GoogleCodeExporter commented 9 years ago
The behavior graph shows you in what order the monitored operations have 
occured in. The timestamp in this graph can be used to reference the operation 
in the graph with the entry for this operation in the log output. 

The treemap graph is just a visualization that shows you what kind of 
operations have occured and how many times. The rectangles are proportional to 
each other and the area of a rectangle is based on the number of monitored 
operations during an analysis, see 
http://honeyblog.org/archives/33-Visual-Analysis-of-Malware-Behavior-Using-Treem
aps-and-Thread-Graphs.html for more detailed description.

Is there any certain type of log output you want details on?

Regards
Patrik

Original comment by pat...@pjlantz.com on 13 Dec 2011 at 10:32

GoogleCodeExporter commented 9 years ago
Thanks for information. As I see in the Timestamp when its generated the 
paragraph start from different time. how can I adjust the timestamp and let its 
its start from 0.

Thanks

Original comment by alaza...@gmail.com on 16 Dec 2011 at 11:47

GoogleCodeExporter commented 9 years ago

Original comment by lantz.pa...@gmail.com on 10 Mar 2012 at 3:13