There are 6 results with the keyword: "malware"
Obfuscated code can be deobfuscated via dynamic synthesis.
Obfuscation can be used to hide malicious code and to hinder reverse-engineering of programs. In particular, obfuscated code is resistant to static analysis techniques. We will show how an attack based on dynamic synthesis can be used to implement a general black-box deobfuscation technique: the obfuscated code is interrogated as an oracle and its behavior is reconstructed accordingly, until a synthesized program behaving like the obfuscated one is obtained.
The High-Security Laboratory (LHS) is designed to host decisive research work in order to make networks, Internet exchanges and associated telecommunications equipment safer. The LHS provides the technological and regulatory framework needed for scientific advances that accompany developments in our technological society. Open to industrial partners, the laboratory also represents a favourable opportunity for the reliability tests that are needed before various technological products or solutions can be put on the market.
Threat mitigation in a controlled environment.
We have a "trivial" ransomware running in a virtual machine with standard documents (Word, Excel, PDF, ...). The objectives of the demonstration are to recover the original documents using the dictionary method (AES-ECB) and to get the AES key. The AES key is extracted through the integration of a provider (CryptoAPI) in the system. We will then use OpenSSL to prove the validity of the key by retrieving a document.
Rencontres Inria Industrie
One of the current threats to the privacy and confidentiality of data is the possibility of data theft through malware infection. In our demonstration, we show how our malware detection tool chain can be used to detect malware and prevent exfiltration of data after an infection. Methods based on syntactic properties become ineffective as soon as the binary is slightly mutated or obfuscated. We'll show that our method, based on behavioral analysis, is able to detect even mutated and obfuscated malware, thus protecting user data from advanced infections.
Tamis, a security research team based at the Inria center in Rennes, Brittany, France, recently partnered with American networking hardware giant Cisco Systems to design an innovative method for uncovering malware at code execution.
The Android galaxy is plagued with a host of fake apps solely devised to rob smartphone users of their ID, their data or their money. Studying this type of infection vector, a group of French scientists is coming up with a string of innovative test and visualization tools meant to help security analysts investigate suspicious software, explore its inner structure, force sleeping code out of dormancy and produce an intuitive graph representation of what the malware is really up to.
- Valérie Viet Triem Tong
- Jean-François Lalande
- INRIA Rennes - Bretagne Atlantique