Stagebank HBO-ICT

foo.png

Om te solliciteren op deze stage, moet je met je HvA-emailadres een account aanmaken.

account aanmaken

Bedrijfsinformatie

Securify B.V.
Naritaweg 106C
1043CA
Amsterdam
www.securify.nl

YARA rule generation for Android

Afstudeeropdracht SE, TC, SNE/CS Amsterdam
security
Gepubliceerd op 26-03-2018 10:53

Introduction

With over thousands of new pieces of malware each day, there are a great number of analysis reports respectively including malware features such as strings, opcodes, certificates, etc. 

yarGen is an open-source tool which uses naïve-Bayes-classifier, and multiple algorithms in order to classify the string and detect useful words instead of compression/encryption garbage. However, there is no solution yet to automate the generation for YARA rules for Android. 

Assignment

Your assignment is to perform applied research to understand how YARA rules work and how these can be implemented to work for the Android operating system. The end result should be a design and a proof of prototype that we can use for Android malware research.

Requirements

- Python/NodeJS programming skills.

- Passionate in malware analysis and reverse engineering.

- Machine learning knowledge is a plus.

Keywords: YARA rules, malware analysis, reverse engineering

Geschikt voor studenten
  • Software Engineering
  • Cyber Security
  • Technische Informatica