Our research focuses on analyzing malicious software, “malware”, to identify malicious behaviors and propose novel defense mechanisms.
Main research outcomes:
- Arancino: a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.
- Jackdaw: a platform to assist analysts in analyzing malware samples by automatically extracting and tagging common behaviors.
- Prometheus: a platform that analyzes WebInject-based trojans and extracts robust behavioral signatures of their malicious behavior.
- ShieldFS: an innovative tool that makes the Windows native filesystem immune to ransomware attacks by detecting malicious activities and transparently reverting the effects of such attacks.