Upload File

here’s the titlecse498/2018-08/schedules/... · beta presentation improved detonation of evasive...

  • Home
  • Documents
  • Here’s the Titlecse498/2018-08/schedules/... · Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University
9
From Students… …to Professionals The Capstone Experience Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University Fall 2018 Team Proofpoint Kyutae Park Ian Murray Sean Joseph Jack Mansueti Ryan Gallant

Upload: others

Post on 04-Jun-2020

2 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Here’s the Titlecse498/2018-08/schedules/... · Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University

From Students…

…to Professionals

The Capstone Experience

Beta PresentationImproved Detonation of Evasive Malware

Department of Computer Science and EngineeringMichigan State University

Fall 2018

Team ProofpointKyutae ParkIan Murray

Sean JosephJack Mansueti

Ryan Gallant

http://www.capstone.cse.msu.edu/
Page 2: Here’s the Titlecse498/2018-08/schedules/... · Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University

Project Overview

• Malware sample is submitted into Cuckoo

• Cuckoo runs malware sample

• If sample shows signs of evasive behavior, the sample is modified and submitted again

• Cuckoo sends results of resubmission to dashboard

Team Proofpoint Beta Presentation

Page 3: Here’s the Titlecse498/2018-08/schedules/... · Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University

System Architecture

Team Proofpoint Beta Presentation

Page 4: Here’s the Titlecse498/2018-08/schedules/... · Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University

Landing Page

Team Proofpoint Beta Presentation

Page 5: Here’s the Titlecse498/2018-08/schedules/... · Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University

Dashboard

Team Proofpoint Beta Presentation

Page 6: Here’s the Titlecse498/2018-08/schedules/... · Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University

Results

Team Proofpoint Beta Presentation

Page 7: Here’s the Titlecse498/2018-08/schedules/... · Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University

Modification in Progress

Team Proofpoint Beta Presentation

Page 8: Here’s the Titlecse498/2018-08/schedules/... · Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University

What’s left to do?

• Integration with Proofpoint’s malware input stream

• Improved Detonation with Complex Samples

• Programmatically change algorithms for samples based on analysis

Team Proofpoint Beta Presentation

Page 9: Here’s the Titlecse498/2018-08/schedules/... · Beta Presentation Improved Detonation of Evasive Malware Department of Computer Science and Engineering Michigan State University

Questions?

Team Proofpoint Beta Presentation

?

? ??

?

?

?

?

?


Swiss Miss Returns - Enthused Enamoured Evasive

Detonation Waves and Pulse Detonation …shepherd.caltech.edu/EDL/projects/pde/Ae103-012704.pdf · Single cycle of a pulse detonation engineSingle cycle of a pulse detonation engine

Malevolution : The Evolution of Evasive Malware

Deltoid Detonation

39504371 Evasive Driving

Evasive Maneuvers - Nova Southeastern University

Thermal Stability and Detonation Characteristics of ... · The theoretical detonation characteristics (detonation velocity, D, detonation pressure, P, detonation energy, Edet., heat

Distributed Evasive Scan Techniques and Countermeasuresdawnsong/papers/fulltext.pdfDistributed Evasive Scan Techniques and Countermeasures Min Gyung Kang, Juan Caballero, and Dawn

Timmes (1996). Ignition Conditions Flame Propagation Detonation, Deflagration, Delayed Detonation, Pulsational Detonation Light curves and cosmology Topics

Evasive Driving

Understanding Evasive Script Tactics

Detonation Diffraction

Lasorsa Defensive and Evasive Driving Certificate

129439811 Shock Detonation

37_Pulse Detonation Core Engine - Home | · PDF fileEuropean Workshop on New Aero Engine Concepts Munich, 30 June – 1 July 2010 Pulse detonation What pulse detonation is a) The detonation

Obfuscation for Evasive Functions

Minerva - Introduction to Evasive Techniques

ARTIM - Non Evasive Cure

EVALUATION OF FIGHTER EVASIVE MANEUVERS AGAINST

Defensive and evasive ip strategies

3rd International Workshop on Detonation/ Detonation · PDF fileProgram for 3rd International Workshop on Detonation/Detonation Engine Sponsored by MSI, Tokyo Institute of Technology

Pulse Detonation Engine

Experimental Observations of Detonation in Ammonium ...public.lanl.gov/sjackson/papers/2010-Jackson-CI-ANFO.pdf · Experimental Observations of Detonation in Ammonium ... detonation,

Impact Angle Control Guidance Synthesis for Evasive

Detecting Evasive Malware in Sandbox

Detonation and Decomposition Characteristics of Dichlorate ...Detonation and Decomposition Characteristics ... densities using the Cheetah code. The detonation velocity at densities

Detonation and Transition to Detonation in Partially Water-Filled Pipes

PULSE DETONATION ENGINE TECHNOLOGY: AN OVERVIEW …kimerius.com/.../Pulse+detonation+engine+technology.pdf · ii PULSE DETONATION ENGINE TECHNOLOGY: AN OVERVIEW Submitted to Michael

Remote Detonation System

Detonation (Detonation Information)

Collision Avoidance Evasive Manoeuvers This lesson will focus on safe and responsible driving to avoid collisions by studying basic evasive manoeuvers

Detonation of Buildings

DETONATION SYNTHESIS MICRODIAMONDS

0 - Evasive Driving Techniques

What is Evasive Ad Content Policy