Andy Blog (Please let me be a light to those around me)
 
Category :'Paper'(2)
2006.10.25   The Paper called "Collaborative Malicious Code Analysis System" on VB2006
2005.11.17   Speaking at AVAR 2005


The Paper called "Collaborative Malicious Code Analysis System" on VB2006


In 2006, we submitted the paper called "Collaborative Malicious Code Analysis System" to VB2006, and it was accepted.
We hope to share our experience with other virus researchers. Hope to see you in Montreal, Canada.



COLLABORATIVE MALICIOUS CODE ANALYSIS SYSTEM
Kyu-beom Hwang  & Deok-young Jung,  AhnLab Inc.


ABSTRACT

Most malicious code is developed in high-level languages, which increases the size of the code. Therefore, much more effort and time are required for its analysis.

Individual analysis of malicious code cannot guarantee the expected output because the time available for analyzing each sample is limited. Individual analysis, which is currently performed and traditionally accepted, is not well suited to entry-level analysts who have just started to learn the work.

Most research efforts to solve the problem are dedicated to the use of the concept of collaboration. Collaboration has been achieved by analyzing malicious code using IDA and its plug-ins. However, the analysis results of malicious code in the previous concept of collaboration could not be utilized. In addition, newly emerged and varied types of malicious code that differ only slightly in code content from the original copy are not effectively analyzed under the previous concept.

This paper proposes CMAS (Collaborative Malicious codes Analysis System), an analysis technique based on a “divide and conquer” approach. CMAS provides guidelines for breaking down the code to be analyzed and assigning each part of the code to an individual who is an expert in a particular field such as network, registry or file. It enables each participant to analyze their part of the code simultaneously over a network. The analyzed data is stored in a central database, and data previously stored in the database can be used to analyze malicious code.
...




Full Paper : Kyu-beom Hwang and Deokyoung Jung, "Collaborative Malicious Codes Analysis System", Virus Bulletin Conf. 2006.
Tag : malicious, Paper, Reverse Engineering


Speaking at AVAR 2005



[AVAR 2005 - Association of Anti Virus Asia Researchers Conference] 2005.11.17

Andy spoke on the paper "New threats on Mobile environment in KOREA" at AVAR 2005.
In this paper, we researched security holes and usage problems and the predicted attacks of malicious code, and suggested guidelines for safe mobile phone use.

After finishing the conference, it was very nice hanging out with other analysts, researchers and developers.

Abstract
In Korea, CDMA-based cell phones are widely used.
Nowadays many people are concerned about attacks on cell phones by malicious code.
Since malicious code for Symbian OS was found recently, many people's concerns are on the increase.
Of course, in Korea, many users worry about the possibility of malicious code attacks, but mobile service providers (e.g. SKT, KTF, LGT) do consider malicious code attacks. Two years ago, we already developed a signature-based antivirus solution for the SKT CDMA environment. Traditional-style attacks may not be possible for a long time.

In spite of these activities, the security holes are rooted in users' mindset. In the process of connecting to a PC, a malicious code attack is able to carry out an exploit.
Illegal content and firmware are shared on the Internet, so a latent possibility of exploitation exists. In the future, attacks are predicted to involve forgery, modification and theft of content or data, and breakdown of the phone.
In Korea, many users widely use phone manager and QPST tools.

In this paper, we research security holes and usage problems and the predicted attacks of malicious code, and suggest guidelines for safe cell phone use.
The researched problems are likely to exist in other countries with similar environments,
so cell phone manufacturers, service providers and AV companies should consider these problems.

Full Paper : "New Threats on Mobile Environment in Korea",

http://aavar.org/avar2005/program_detail/019.htm

Tag : AVAR, Paper

