Title | Malware Detection and Security Analysis Capabilities in a Continuous Integration / Delivery Context Using Assemblyline |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Almuhtadi, Wahab, Bahri, Surbhi, Fenwick, Wynn, Henderson, Liam, Henley-Vachon, Liam, Mukasa, Joshua |
Conference Name | 2021 IEEE International Conference on Consumer Electronics (ICCE) |
Keywords | Assemblyline, CCCS, CI/CD, Computer crime, Conferences, detection, Malware, Malware Scoring, PoetRAT, pubcrawl, python, resilience, Resiliency, risk management, Safety, Scalability, security, Security by Default, software analysis, Tools, Ubuntu, YARA |
Abstract | Risk management is an essential part of software security. Assemblyline is a software security tool developed by the Canadian Centre for Cyber Security (CCCS) for malware detection and analysis. In this paper, we examined the performance of Assemblyline for assessing the risk of executable files. We developed and examined use-cases where Assemblyline is included as part of a security safety net assessing vulnerabilities that would lead to risk. Finally, we considered Assemblyline's utility in a continuous integration / delivery context using our test results. |
DOI | 10.1109/ICCE50685.2021.9427677 |
Citation Key | almuhtadi_malware_2021 |