VAMOS - Efficient Analysis and Detection of Modern Malware

The aim of the VAMOS project is the development of novel techniques for the analysis and detection of highly complex malicious code. The basis for this is the analysis technology of the network partner VMRay: unknown files are executed in a virtual environment, their behavior is recorded and analyzed in detail. Due to the high precision of the documentation, considerably larger amounts of data accumulate than with existing analysis systems.

Based on modern concepts of machine learning, methods are to be developed which allow to efficiently investigate this extensive data and to detect novel malicious programs and attack techniques through anomaly detection. For this, abstract patterns of behavior must automatically be recognized, new ones distinguished from those already known, and characteristic behavioral indicators derived from them.

Subsequently, these indicators can then be used by conventional security solutions large-scale and efficient for malicious code detection.