Ikarus InnoScheck

The major goal of this project is the prototypical design, implementation and testing of knowledge-assisted visual analytics methods to support malware analysts during the analysis and identification of malicious behavior of software.

The behavioral analysis of malicious software (malware) is usually done by hand, using scripts for data cleanup and pattern recognition as well as standard software such as text editors. In this context, a vast amount of data has to be analyzed, which is not manageable because there are currently no interactive visual user interfaces that cover all the needs of the analysts or support them in performing their work steps.


Integrating interactive visualizations, visual analytics methods and stored expert knowledge makes it possible to speed up the exploration of the data as well as to improve the quality of the results.

This approach also provides the possibility for the domain experts to exchange their knowledge among themselves, and thus to learn from one another.

Publications

Thür, N., M. Wagner, J. Schick, C. Niederer, J. Eckel, R. Luh, and W. Aigner, "A Bigram Supported Generic Knowledge-Assisted Malware Analysis System: BiG2-KAMAS", Proceedings of the 10th Forum Media Technology 2017, St. Pölten, CEUR-WS, pp. 107-115, 11/2017.
Thür, N., M. Wagner, J. Schick, C. Niederer, J. Eckel, R. Luh, and W. Aigner, "BiG2-KAMAS: Supporting Knowledge-Assisted Malware Analysis with Bi-Gram Based Valuation", Poster of the 14th Workshop on Visualization for Cyber Security (VizSec), Phoenix, Arizona, USA, 10/2017.