https://www.dagstuhl.de/17281
July 9 – 14, 2017, Dagstuhl Seminar 17281
Malware Analysis: From Large-Scale Data Triage to Targeted Attack Recognition
Organizers
Saumya K. Debray (University of Arizona – Tucson, US)
Thomas Dullien (Google Switzerland – Zürich, CH)
Arun Lakhotia (University of Louisiana – Lafayette, US)
Sarah Zennou (Airbus Group – Suresnes, FR)
Documents
Dagstuhl Report, Volume 7, Issue 7
Summary
As a follow-up on the previous Dagstuhl Seminar 14241 on the analysis of binaries, the interest in attending this new seminar was very high. The attendance was very diverse, almost half academics and half practitioners.
Talks were arranged by topics and each day ended with an open discussion on one of the three topics: machine learning, obfuscation and practitioners' needs.
Considering the given talks, it appears that the challenges in the realm of general binary analysis have not changed considerably since the last gathering. However, the balance between the topics shows that the academic interest is now more focused on machine learning than on obfuscation. In contrast, practitioners presented examples showing that the sophistication level of obfuscations has increased tremendously during the last years.
The open discussions were the most fruitful part of the seminar. The discussions enabled the academics to ask practitioners about the hypotheses that are relevant to build models for their analyses and the problems they face in their daily work. The practitioners gained awareness of the automated tools and techniques that they can expect to see emerge from research labs.
These informal exchanges will be gathered into a separate document and spread to the academic community.
Finally, please note that not all people who presented have submitted their abstracts, due to the sensitive nature of the content and/or the organization that the participants work for.


Dagstuhl Seminar Series
- 14241: "Challenges in Analysing Executables: Scalability, Self-Modifying Code and Synergy" (2014)
- 12051: "Analysis of Executables: Benefits and Challenges" (2012)
Classification
- Security / Cryptology
- Semantics / Formal Methods
- Verification / Logic
Keywords
- Malware
- Reverse engineering
- Executable analysis
- Obfuscation
- Machine learning
- Big data