This project will investigate the use of offensive binary analysis techniques to extract data from program binaries for use by a runtime diagnostic engine capable of malware detection and response. The open-source Angr framework provides the basis for the tools used to collect the analysis data needed to support a diagnostic engine. A diagnostic engine capable of using these collected results will be prototyped and used to demonstrate short time-scale attack detection, diagnosis and response. The diagnostic engine will also continuously report current threat assessments for additional autonomous analysis and cyber-analyst support.malware detection,malware response,malware diagnosis,malware characterization,avionics cyber security,fight-through-the-attack,offensive binary analysis,Cyber Threat Assessment
