View analytic
Thursday, July 30 • 11:15am - 11:40am
Daniel Raygoza: Automated Malware Similarity Analysis

Sign up or log in to save this to your schedule and see who's attending!

While it is fairly straightforward for a malware analyst to compare two pieces of malware for code reuse, it is not a simple task to scale to thousands of pieces of code. Many existing automated approaches focus on run-time analysis and critical trait extraction through signatures, but they don't focus on code reuse. Automated code reuse detection can help malware analysts quickly identify previously analyzed code, develop links between malware and its authors, and triage large volumes of incoming data. The tool and approach presented is best suited for groups that often perform in depth analysis of malware samples (including unpacking) and are looking for methods to develop links and reduce duplicated effort.

Thursday July 30, 2009 11:15am - 11:40am
Roman Ballroom

Attendees (0)