CCIS Seminar - Thursday 20 December 2012 - salle A. Turing CE4
14:00:00 - Salle de salle A. Turing CE4

Jean-Yves Marion, University of Lorraine, LORIA, Nancy, France

On detection methods and analyis of malware

Abstract: This talk will present different research directions in malware analysis and detection. First, we will make a brief overview of the detection techniques and of the malware defenses. We will essentially focus on the analyze of cryptographic implementations, which are important for malware analysis where they are an integral part both of the malware payload and the unpacking code that decrypts this payload. We present a tool that identifies cryptographic functions in obfuscated programs, by retrieving loops and their I/O parameters in an implementation-independent fashion, and comparing them with those of known cryptographic functions. This work was presented at CCS this year. Then, we will present other methods that we try to develop.

Home page CCIS Seminars
How to come to salle A. Turing CE4 -