20 hours a week
Good programming skills, particularly C, C++, Python, and knowledge of Windows/Linux internals
Aims: Detecting and Mitigating some Evasion Techniques used by Malware
Background: Several malware samples use advanced tactics to detect whether they are running in a sandboxed or virtual analysis environment. When they detect one, they refrain from any malicious actions in order to evade analysis and detection by security researchers. The goal of the project is to analyse some of the targets of the anti-sandboxing techniques used by malware (e.g., registry keys, reverse Turing test, loaded libraries, process list) and to propose and develop countermeasures that mitigate these evasion attacks, testing them on existing evasion tools.