Structural executable comparison, malware classification, and collaborative binary analysis - the formerly-zynamics tools at Google

Add to your list(s) Download to your calendar using vCal

• Thomas Dullien, Google
• Wednesday 14 November 2012, 14:15-15:15
• Lecture Theatre 1, Computer Laboratory.

If you have a question about this talk, please contact Stephen Clark.

Recent years have seen an explosion in the industry adoption of reverse engineering for security purposes. Between the late 90’s and today, a niche endeavor turned into industry practice – both for the analysis of malicious software and for the security review of closed-source software components. In 2011, Google acquired zynamics GmbH, a small company focused on developing software for (security-minded) reverse engineers. This talk will give an overview of the different areas in which zynamics worked prior to joining Google, and some of the directions in which we’re moving now.

On the technical level, the talk will give an overview over our structural / graph-centric algorithms for executable comparison, how we used these algorithms for malware classification and byte-signature generation, and over our reverse-engineering IDE which permits fully collaborative disassembly analysis for teams of reverse engineers.

This talk is part of the Wednesday Seminars - Department of Computer Science and Technology series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• Cambridge talks
• Chris Davis' list
• Computer Laboratory Security Seminar
• Department of Computer Science and Technology talks and seminars
• Graduate-Seminars
• Guy Emerson's list
• Interested Talks
• Lecture Theatre 1, Computer Laboratory
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• Wednesday Seminars - Department of Computer Science and Technology
• bld31
• computer science
• se393's list

Note that ex-directory lists are not shown.