BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Structural executable comparison\, malware classification\, and co
 llaborative binary analysis - the formerly-zynamics tools at Google - Thom
 as Dullien\, Google
DTSTART:20121114T141500Z
DTEND:20121114T151500Z
UID:TALK39265@talks.cam.ac.uk
CONTACT:Stephen Clark
DESCRIPTION:Recent years have seen an explosion in the industry adoption o
 f\nreverse engineering\nfor security purposes. Between the late 90's and t
 oday\, a niche\nendeavor turned into industry\npractice - both for the ana
 lysis of malicious software and for the\nsecurity review of closed-source\
 nsoftware components. In 2011\, Google acquired zynamics GmbH\, a small\nc
 ompany focused on\ndeveloping software for (security-minded) reverse engin
 eers. This talk\nwill give an overview of the\ndifferent areas in which zy
 namics worked prior to joining Google\, and\nsome of the directions in\nwh
 ich we're moving now.\n\nOn the technical level\, the talk will give an ov
 erview over our\nstructural / graph-centric algorithms\nfor executable com
 parison\, how we used these algorithms for malware\nclassification and byt
 e-signature\ngeneration\, and over our reverse-engineering IDE which permi
 ts fully\ncollaborative disassembly\nanalysis for teams of reverse enginee
 rs.
LOCATION:Lecture Theatre 1\, Computer Laboratory
END:VEVENT
END:VCALENDAR