Distributed Services for Large Scale Dynamic Malware Analysis
| Field | Value |
|---|---|
| Supervisor(s) | George Webster |
| Status | finished |
| Topic | Anomaly Detection |
| Author | Christian von Pentz |
| Submission | 2015-03-02 |
| Type of Thesis | Bachelor's thesis |
| Proof of Concept | No |
Abstract: The number of new malware samples that hit security vendors every day is growing exponentially. To keep up with the sheer volume, analysts rely more than ever on triage systems to preselect interesting and dangerous samples. The ability of these systems to use dynamic analysis to gather information about a sample is directly linked to their ability to scale the dynamic analysis infrastructure. In this thesis we developed a methodology consisting of four microservices, a feeder, a checker, a parser and a watchdog, to connect analysis platforms to dynamic analysis tools in a scalable and robust fashion. We implemented this concept to connect the widely used analysis platform CRITs to Cuckoo, one of the most commonly used open-source dynamic analysis tools.
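The abstract names the four services but does not spell out their contracts. The Python sketch below is an added example, not code from the thesis or from CRITs/Cuckoo; it assumes the roles suggested by the names (the feeder submits CRITs sample hashes to Cuckoo, the checker polls task status, the parser turns finished reports into CRITs-ready results, and the watchdog resubmits tasks that stall) and replaces both real HTTP APIs with hypothetical in-memory stubs (`FakeCuckoo`, `Pipeline`, `build_demo`) so the decoupling and the stall-recovery path can be run offline.

```python
"""Added illustration of a feeder/checker/parser/watchdog pipeline (assumed roles).

FakeCuckoo stands in for Cuckoo's task API (submit / status / report); the real
service is HTTP-based, this stub is a hypothetical stand-in. One task is scripted
to never finish so that the watchdog's resubmission path is exercised.
"""
from collections import deque


class FakeCuckoo:
    """In-memory stand-in for a Cuckoo instance (hypothetical, for the example)."""

    def __init__(self, hang_task_ids=()):
        self.tasks = {}                 # task_id -> {"sha256", "state", "polls"}
        self.next_id = 1
        self.hang_task_ids = set(hang_task_ids)   # tasks that never complete

    def submit(self, sha256):
        tid = self.next_id
        self.next_id += 1
        self.tasks[tid] = {"sha256": sha256, "state": "pending", "polls": 0}
        return tid

    def status(self, tid):
        task = self.tasks[tid]
        task["polls"] += 1
        if tid in self.hang_task_ids:          # simulated stuck sandbox
            return "running"
        task["state"] = "reported" if task["polls"] >= 2 else "running"
        return task["state"]

    def report(self, tid):
        task = self.tasks[tid]
        assert task["state"] == "reported"
        # Constructed report fragment shaped like a Cuckoo JSON report.
        return {"target": {"file": {"sha256": task["sha256"]}},
                "signatures": [{"name": "network_http"}, {"name": "creates_exe"}],
                "network": {"hosts": ["198.51.100.7"]}}


class Pipeline:
    """Four cooperating services sharing queues instead of calling each other."""

    def __init__(self, cuckoo, samples, max_polls=3):
        self.cuckoo = cuckoo
        self.feed_queue = deque(samples)   # sample hashes handed over from CRITs
        self.pending = {}                  # task_id -> [sha256, polls_so_far]
        self.reports = deque()             # finished raw reports awaiting parsing
        self.results = {}                  # sha256 -> parsed result for CRITs
        self.max_polls = max_polls
        self.resubmitted = []              # (task_id, sha256) recovered by watchdog

    def feeder(self):
        """Submit every queued sample to the sandbox."""
        while self.feed_queue:
            sha = self.feed_queue.popleft()
            self.pending[self.cuckoo.submit(sha)] = [sha, 0]

    def checker(self):
        """Poll pending tasks; hand finished reports to the parser queue."""
        for tid in list(self.pending):
            sha, polls = self.pending[tid]
            state = self.cuckoo.status(tid)
            self.pending[tid][1] = polls + 1
            if state == "reported":
                self.reports.append((sha, self.cuckoo.report(tid)))
                del self.pending[tid]

    def parser(self):
        """Reduce a raw report to the fields an analysis platform would store."""
        while self.reports:
            sha, rep = self.reports.popleft()
            assert rep["target"]["file"]["sha256"] == sha   # report matches sample
            self.results[sha] = {
                "signatures": sorted(s["name"] for s in rep["signatures"]),
                "hosts": list(rep["network"]["hosts"]),
            }

    def watchdog(self):
        """Drop tasks polled too often without finishing and queue them again."""
        for tid, (sha, polls) in list(self.pending.items()):
            if polls >= self.max_polls:
                del self.pending[tid]
                self.resubmitted.append((tid, sha))
                self.feed_queue.append(sha)

    def run(self, rounds=10):
        for _ in range(rounds):
            self.feeder(); self.checker(); self.parser(); self.watchdog()
            if not (self.feed_queue or self.pending or self.reports):
                break
        return self.results


def build_demo():
    """Two constructed sample hashes; the first Cuckoo task is scripted to hang."""
    samples = ["a" * 64, "b" * 64]
    return Pipeline(FakeCuckoo(hang_task_ids={1}), samples, max_polls=3)


if __name__ == "__main__":
    demo = build_demo()
    print(demo.run())
    print("resubmitted by watchdog:", demo.resubmitted)
```

Each service touches only its own queue and the sandbox API, so any of them can be restarted or scaled out independently; the watchdog turns a hung sandbox task into a normal resubmission instead of an analyst-visible stall.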