i-code

Martina Lindorfer

Anubis: Analyzing Unknown Binaries

In this talk, we will present the dynamic malware analysis system Anubis. Users can submit Windows binaries for analysis in an instrumented QEMU emulator, and receive a report that describes the system- and network-level behavior of the binary in a human-readable way. Anubis has been offered by the International Secure Systems Lab as an open service through a public website since February 2007.
We will give a quick overview of Windows binary analysis with Anubis, and then focus on two recent extensions to its analysis capabilities. First, we will talk about the extension that facilitates the submission and analysis of shellcode. Then, we will present the analysis of Android APKs, nicknamed "Andrubis".

Bio

Martina Lindorfer is a PhD student at the Secure Systems Lab at Vienna University of Technology. She holds a Master's degree from the Vienna University of Technology, as well as a Bachelor's degree from the University of Applied Science in Hagenberg. In 2012, Martina was one of the recipients of the Google Anita Borg Memorial Scholarship.
Her research focuses on the dynamic analysis of malware, especially on the evolution of malicious code and anti-analysis techniques in malware.