From Students…
…to Professionals
The Capstone Experience
Beta PresentationImproved Detonation of Evasive Malware
Department of Computer Science and EngineeringMichigan State University
Fall 2018
Team ProofpointKyutae ParkIan Murray
Sean JosephJack Mansueti
Ryan Gallant
Project Overview
• Malware sample is submitted into Cuckoo
• Cuckoo runs malware sample
• If sample shows signs of evasive behavior, the sample is modified and submitted again
• Cuckoo sends results of resubmission to dashboard
Team Proofpoint Beta Presentation
System Architecture
Team Proofpoint Beta Presentation
Landing Page
Team Proofpoint Beta Presentation
Dashboard
Team Proofpoint Beta Presentation
Results
Team Proofpoint Beta Presentation
Modification in Progress
Team Proofpoint Beta Presentation
What’s left to do?
• Integration with Proofpoint’s malware input stream
• Improved Detonation with Complex Samples
• Programmatically change algorithms for samples based on analysis
Team Proofpoint Beta Presentation
Questions?
Team Proofpoint Beta Presentation
?
? ??
?
?
?
?
?