Characterizing and Prioritizing Malicious Code

May 29, 2014 • Podcast

By

Jose A. Morales and Julia H. Allen

In this podcast, Jose Morales discusses how to prioritize malware samples, helping analysts to identify the most destructive malware to examine first.

Publisher

Software Engineering Institute

Subjects

Reverse Engineering For Malware Analysis

Listen

Abstract

Every day, major anti-virus companies and research organizations are inundated with new malware samples. Although estimates vary, approximately 150,000 new malware strains are released each day. Not enough manpower exists to manually address the volume of new malware samples that arrive daily in analysts' queues. Malware analysts need an approach that allows them to sort samples in a fundamental way so they can assign priority to the most malicious binary files.

In this podcast, Jose Morales, a malicious software researcher with the CERT Division, discusses an approach for prioritizing malware samples, helping analysts to identify the most destructive malware to examine first, based on the binary file's execution behavior and its potential impact.

Related Training

Malware Analysis Apprenticeship

About the Speaker

Jose A. Morales

Jose Morales is a researcher with the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. He has conducted research in cybersecurity since 1998 with a current focus on behavior-based malware analysis and detection, suspicion assessment theory and implementation, mobile malware, and …

Julia H. Allen

Julia Allen is an SEI alumni employee.

Julia Allen is a principal researcher within the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. Allen’s areas of interest include operational resilience, security governance, and measurement and analysis. Prior to this technical assignment, …

Software Engineering Institute