Tulsa TechFest 2015
Kyle Cook, Part Time Research Assistant, University of Tulsa
Kyle Cook is a full-time graduate student seeking a Master's Degree in Computer Science at the University of Tulsa. He obtained his Computer Science and Mathematics undergraduate degrees at the University of Tulsa in May of 2015. Passionate about computer security, Kyle began working at the Institute of Information Security this summer, doing research in both malware analysis techniques and attack graph generation.
Malware Analysis: The Present and The Future
Malware is an ever-growing threat to all users of the Internet. Malware is constantly evolving, and most individuals affected by malware simply do not have the resources to thoroughly understand the malware that attacked them. It is infeasible to unleash malware in a business environment just for analysis purposes. Instead, it is better to utilize sandboxes to handle the analysis of dangerous malware. In many instances, the reports generated by these sandboxes are difficult to understand and interpret. They are full of high-level terms and ideas that are aimed at extremely technical users with previous knowledge of malware, while not providing any context for what the malware aims to achieve. We aim to fix this problem. We are in the process of creating a Malware Analysis Lab that will autonomously analyze malware samples and generate reports that are easier to understand and include more relevant data, while easing the burden of maintaining infrastructure manually.
In this session we will be discussing the automation of the malware analysis process and the creation of human-readable reports. We will explore the current setup of our malware analysis lab and our plans for the future.