Visible to the public Malware Detection and Security Analysis Capabilities in a Continuous Integration / Delivery Context Using Assemblyline

TitleMalware Detection and Security Analysis Capabilities in a Continuous Integration / Delivery Context Using Assemblyline
Publication TypeConference Paper
Year of Publication2021
AuthorsAlmuhtadi, Wahab, Bahri, Surbhi, Fenwick, Wynn, Henderson, Liam, Henley-Vachon, Liam, Mukasa, Joshua
Conference Name2021 IEEE International Conference on Consumer Electronics (ICCE)
KeywordsAssemblyline, CCCS, CI/CD, Computer crime, Conferences, detection, Malware, Malware Scoring, PoetRAT, pubcrawl, python, resilience, Resiliency, risk management, Safety, Scalability, security, Security by Default, software analysis, Tools, Ubuntu, YARA
AbstractRisk management is an essential part of software security. Assemblyline is a software security tool developed by the Canadian Centre for Cyber Security (CCCS) for malware detection and analysis. In this paper, we examined the performance of Assemblyline for assessing the risk of executable files. We developed and examined use-cases where Assemblyline is included as part of a security safety net assessing vulnerabilities that would lead to risk. Finally, we considered Assemblyline's utility in a continuous integration / delivery context using our test results.
DOI10.1109/ICCE50685.2021.9427677
Citation Keyalmuhtadi_malware_2021