Automatic Malware Analysis
& Repository
Matias Prasodjo
Satria Ady Pradana
Starts from the Idea
and the intention.
Gauli.net & dracLabs
- A collection of everything we have thought of.
- Starting from courses (Gauli.net)
- Up to a lab environment for practising and sharpening skills (dracLabs)
- Current focus: malware
- With good intentions and evil ideas
Malware Repository
With extras!
Indonesian malware? Unique.
What do we offer?
- A platform, of course.
- Real-time and accurate statistics.
Final Goal
- To become something like VirusTotal, but for bigger things.
- Perform analysis automatically.
- Can be connected to many providers for automatic dynamic analysis.
- Support multiple platforms
  - PC (Windows, Linux)
  - Mobile (Android, iOS)
- Connected to antivirus providers
- Someone will eventually quip: "malware? Just send it to dracLab"
API?
Makes integration with local AV possible.
Progress?
What’s Next?
Editor's Notes

  1. At dracos we have many dreams and ideas. Some are good, some are evil. Some are small, some are big. Some are safe, some are dangerous.
  2. To hold all of them, Gauli.net and dracLabs were created. In essence, a collection of every idea we have thought of. Gauli is for courses and learning.
  3. Good intentions: provide a platform for collaboration between malware enthusiasts so they can exchange ideas and help each other in malware research. Collect samples and serve as a place for exchanging samples. For local needs only. Evil idea: if I want to build malware, I have plenty of samples.
  4. Indonesian malware is unique; it follows democracy: from us, by us, for us. Sometimes it only spreads locally and never reaches the international stage. Local malware that never goes international receives little support from foreign AV vendors to eradicate it. Local AV vendors should play a bigger role in researching local malware. Where do the samples come from? Collaboration? At the ID Malware Summit 2015 it was noted that the infrastructure for collaboration is still lacking. But the 2015 idea was to build a kind of VirusTotal for a coalition of local AV vendors. We want more than that. If we want to speed up the collection of diverse samples, a dedicated platform must be built.
  5. With the API it provides, collaboration with local AV vendors can also be built. Local AV vendors can provide machines that this infrastructure contacts through the API. The API can be uniform to make collaboration easier.
  6. The backend is ready. Already available: analysis for Windows. Under construction: analysis for Android. Missing: the interface.
  7. Use of dracLabs by third parties. For example, an appliance. Built on a Raspberry Pi. Connected to dracLabs. Sits on the network to monitor what passes through. If it captures a suspicious sample, it first checks whether the sample matches a malware signature in the database. If there is no match, the sample can be sent automatically to dracLabs for analysis. If the result is positive, a new signature is added to the local database.
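The appliance loop from note 7 (and the API collaboration from note 5), as an added Python illustration that is not dracLabs code: hash the captured sample, look it up in the local signature database, submit unknowns to an analysis backend, and store positive verdicts as new local signatures. The backend call `fake_backend`, the hash-keyed layout of the signature database and the verdict format are assumptions, since the deck does not describe the real API.

```python
"""Appliance-side triage loop: local signature lookup, submit unknowns,
cache positive verdicts. Added illustration; the backend API is a stand-in."""
import hashlib
from typing import Callable, Dict, Optional

# Local signature database: SHA-256 hex digest -> family label.
# Empty at start; constructed for this example.
LOCAL_SIGNATURES: Dict[str, str] = {}


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def fake_backend(sample: bytes) -> Optional[str]:
    """Stand-in for the analysis backend (assumption, not the real API).
    Returns a family label when the sandbox verdict is positive, None when
    clean. The verdict is simulated by a constructed marker string."""
    return "Constructed.Marker" if b"MALICIOUS-MARKER" in sample else None


def triage(sample: bytes,
           signatures: Dict[str, str],
           submit: Callable[[bytes], Optional[str]]) -> dict:
    """Decide what the appliance does with one captured sample.

    Returns a record with the digest, the verdict (family label or None),
    whether it came from the local database or the backend, and whether
    the sample left the appliance. Only positive verdicts are cached, as
    note 7 describes; a clean sample seen again is submitted again. The
    match is an exact hash, so any byte change produces a miss and a
    fresh submission."""
    digest = sha256(sample)
    if digest in signatures:
        return {"sha256": digest, "verdict": signatures[digest],
                "source": "local", "submitted": False}
    verdict = submit(sample)
    if verdict is not None:
        signatures[digest] = verdict  # new signature learned from backend
    return {"sha256": digest, "verdict": verdict,
            "source": "backend", "submitted": True}


if __name__ == "__main__":
    for blob in (b"payload MALICIOUS-MARKER", b"payload MALICIOUS-MARKER",
                 b"benign traffic"):
        print(triage(blob, LOCAL_SIGNATURES, fake_backend))
```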