CS 6262 Network Security Assignment Problem

Assignment Help Computer Network Security

Reference no: EM132395349

CS 6262 - Network Security
Georgia Institute of Technology
Project: Malware Analysis

Android Malware

Scenario
• Analyzing Windows Malware
• You got a malware sample from the wild. Your task is to discover what the malware does by analyzing it
• How do you discover the malware's behaviors?
• Static Analysis
• Manual Reverse Engineering
• Programming binary analysis
• Dynamic Analysis
• Network behavioral tracing
• Run-time system behavioral tracing(File/Process/Thread/Registry)
• Symbolic Execution
• Fuzzing
• In our scenario, you are going to analyze the given malware with tools that we provide.
• These tools help you to analyze the malware with static and dynamic analysis.
• Objective
1. Find which server controls the malware (the command and control (C2) server)
2. Discover how the malware communicates with the command and control (C2) server
• URL and Payload
3. Discover what activities are done by the Linux malware
• Attack activities

Requirement

• Make sure that no malware traffic goes out from the virtual machine
• But, updating the malware (stage 2), and downloading the Linux malware (stage 3) must be allowed for us to understand the malware's behavior
• The command and control server is dead. You need to reconstruct it
• Use tools to reconstruct the server, then reveal hidden behaviors of the malware
• Analyze network traffic on the host, and figure out the list of available commands for the malware
• Analyze network traffic trace of the host, and figure out what malware does
• Write down your answer into assignment-questionnaire.txt

Android Malware Analysis
• Manifest Analysis
• Identifying suspicious components
• Static Analysis
• Search for C&C commands and trigger conditions
• Vet the app for any anti-analysis techniques that need to be removed.
• Dynamic analysis
• Leverage the information found via static analysis to trigger the malicious behavior.

Manifest Analysis
• Identify suspicious components
• Broadcast receivers registering for suspicious actions.
• Background services

Attachment:- Advanced Malware Analysis.rar

Reference no: EM132395349

Questions Cloud

Determine the present value of growth opportunities : Determine the present value of growth opportunities for a company with a leading EPS of $1.5, a required rate of return of 10 percent, and a current stock price

What strategies can you use to enhance your creativity : Evaluate yourself using the three indices of creativity. What strategies can you use to enhance your creativity? At least 600 words with APA references.

What are at least two factors that contribute to complexity : Information and Communication Technology Policy Making is a complex process in which many stakeholders are involved. What are at least two factors.

Defined asymptotic stability : Asymptotic stability is defined by? In induction motor when length of airgap increased, the megenetizing current increase while short circuit current remains

CS 6262 Network Security Assignment Problem : CS 6262 Network Security Assignment Help and Solution, Georgia Institute of Technology, Homework Help - Analyze network traffic on the host.

Write sample instructions on how to use the kiosk : Write sample instructions on how to use the kiosk. The library intends to post these instructions on a sign next to the kiosk, so they must be short.

Organizations interested in fostering good business ethics : Why are organizations interested in fostering good business ethics? What approach can you take to ensure ethical decision making?

What measures would you take to engage stakeholders : Create a new thread. As indicated above, you will assume the role of project manager of a project to develop a comprehensive policy for managing pedestrian.

Separate engineering management systems : An agency has focused its system development and critical infrastructure data collection efforts on separate engineering management systems

User Account

All Pages