Room A. Turing CE4
20 December 2012 - 14h00
On detection methods and analysis of malware
by Jean-Yves Marion from University of Lorraine, LORIA, Nancy, France
Abstract: This talk will present different research directions in malware analysis and detection. First, we will give a brief overview of detection techniques and of malware defenses. We will essentially focus on the analysis of cryptographic implementations, which are important for malware analysis, where they are an integral part of both the malware payload and the unpacking code that decrypts this payload. We present a tool that identifies cryptographic functions in obfuscated programs by retrieving loops and their I/O parameters in an implementation-independent fashion and comparing them with those of known cryptographic functions. This work was presented at CCS this year. Then, we will present other methods that we are trying to develop.
Slides of the Presentation.