Malware Analysis as a Hobby - the short story. Michael Boman - Security Consultant/Researcher, Father of 5
Malware analysis as a hobby - the short story (lightning talk)

  1. Malware Analysis as a Hobby - the short story. Michael Boman - Security Consultant/Researcher, Father of 5
  2. The manual way
  3. Drawbacks
     • Time consuming
     • Boring in the long run (not all malware is created equal)
  4. Choose any two…
     • Cheap
     • Good
     • Fast
  5. Choose any two? Why not all of them?
     • Cheap: I can do it cheaply (hardware and license cost-wise). Human time not included.
     • Fast: I can do it quickly (I spend up to 3 hours a day doing this, on average even less).
     • Good: I get pretty good results (quality). Where the system lacks, I can compensate for its shortcomings.
  6. Automate everything!
     • Automate
     • Engineer yourself out of the workflow
  7. Birth of the MART Project: Malware Analyst Research Toolkit
  8. Components
  9. Sample Acquisition
     • Public & Private Collections
     • Exchange with other malware analysts
     • Finding and collecting malware yourself
  10. Sample Analysis
     • Cuckoo Sandbox
     • VirusTotal
  11. DEMO: Submit sample for analysis
  12. Sample Reporting
     • Results are stored in MongoDB (optional)
     • Accessed using an analyst GUI
  13. Budget
     • Computer: €520
     • MSDN License: €800 (€590 renewal)
     • Year 1: €1320
     • Year N: €590
     • Money saved from having stopped smoking (yearly): €2040
  14. Next steps
     • Barebone on-the-iron malware analysis
     • Android platform support
     • OSX platform support
     • iOS platform support
  15. Questions?