University of Cambridge > Talks.cam > Computer Laboratory Security Group meeting presentations > Malware analysis with multiple features

Malware analysis with multiple features

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Wei Ming Khoo.

Malware analysis process is being categorized into static analysis and dynamic analysis. Both static and dynamic analysis have their own strengths and weaknesses. In this paper, we present a tool written in Python programming language called as pi-ngaji, which could assist the work of malware analyst to get the static features of malware. pi-ngaji contains several modules – Application Programming Interface (API) calls extractor, binary entropy information, anti virtual machine and anti debugger detector and XOR encrypted strings decryptor. pi-ngaji was developed in order to assist our work in getting malware features. pi-ngaji is focusing on ripping Microsoft Windows executable binaries’ malicious features.

This talk is part of the Computer Laboratory Security Group meeting presentations series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

© 2006-2019 Talks.cam, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity