MaTA – Malware and Threat Analysis

Our research focuses on analyzing malicious software, “malware”, to identify malicious behaviors and propose novel defense mechanisms.

Main research outcomes:

  • Arancino: a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.
  • Jackdaw: a platform to assist analysts in analyzing malware samples by automatically extracting and tagging common behaviors.
  • Prometheus: a platform that analyzes WebInject-based trojans and extracts robust behavioral signatures of their malicious behavior.
  • ShieldFS: an innovative tool that makes the Windows native filesystem immune to ransomware attacks by detecting malicious activities and transparently reverting the effects of such attacks.