Malware Analysis: An Introduction and Practicing What I Preach (or Stress Management Part 2)

My Project Is… (Drum Roll Please)

It’s been a while, huh? Well … about two weeks to be precise. Now maybe that isn’t that long a period of time, but it really does feel like ages to me. That is because many things have changed and shifted in CS 467: Capstone Project. The last time I posted, we had not yet been assigned to project teams and a lot was still uncertain. Fast forward two weeks, and we are just past the planning stages of our assigned projects. We are now truly entering into the main event. I am tempted to call it the “development” period, but I won’t. For many teams, it actually is the development period for their projects, the time when they build out their software. However, that isn’t really the case for myself and my team. I have been assigned to the project “Malware Analysis”. I will get into what the goal of the project is shortly. However, the aspect of the project I have been hinting at is that it is a research project. My team isn’t focused on building a product. We have been given an overall goal and have been tasked with generating a final report based around how we accomplished it.

You could probably tell by the project name that we will be dealing with malicious software (Malware). The project has multiple interconnected goals. The first goal is to create a safe virtual environment that an analyst can analyze malware on. This environment should be composed of multiple virtual machines that all connect to each other through a virtual network. The second goal is to use this Virtual Lab to perform actual Malware Analysis on malware samples. There are two basic types of analysis, Static and Dynamic. These are our focus. The Malware Analysis project will culminate in a final report that basically details the steps required to accomplish these two tasks. The idea is that our report can serve as a foundation for further Malware Analysis tasks, for us or for other analysts [1].

Bringing it Together

Now, this blog post does have a purpose beyond just introducing my project (though it is an intriguing subject). If you recall my previous post, Blog Post 1: A Wide Open Vista, I discussed how I generally react to and deal with new (stressful) situations. I likened the feeling to emerging from a forest, where you were able to follow a path and your viewpoint was limited, onto a trackless and wide plain. I found myself in this exact situation this week. I decided that this gave me an opportunity, within this blog post, for some continuity with my previous post. I also have some new thoughts on the subject to share.

There is a difficulty, and therefore value, in bringing methods into practice. As I mentioned above, this week was the real start to the Capstone Project in many ways. Yes, my team and I spent quite a bit of time last week doing background research and fleshing out how we could accomplish those three goals for our project. However, that was for a specific and narrow goal. That goal was the completion of what amounted to a Project Plan Proposal. I had my comfort blanket, a bullet point list of what needed to be included in the report. This week, though a lot of what I’m doing is similar to my tasks last week, something feels different. This is probably for three reasons. Firstly, I no longer have my bullet point list for what to do. We did generate a breakdown of what each team member would be doing each week, but that isn’t quite the same. I only have three decently vague overall goals. Secondly, it is time to actually begin setting up the Malware Analysis virtual lab. I have emerged onto the wide open plain in my analogy from last time. Thirdly, it is hitting me that I will be purposefully interacting with Malware. This is exciting, but also a bit intimidating.

A Good Thing

I have mentioned this previously, but I will say it again. This sort of feeling is normal. I would venture that everyone feels this way, to some extent, whenever they are starting anything new that they want to succeed in. I feel this way all the time and that is okay. In fact, it is a good thing. This week, I recognized that a large reason I felt this way is that I care. I want to accomplish the project’s goals alongside my team and help us write a great final report. What could be wrong with that?

One of the hardest parts about new situations is getting started. You can feel stuck, not knowing where to begin. I mentioned in that first blog post that when I am in a new situation, I try to focus on “movement”. To me, that means doing anything that pushes me towards my goal. It doesn’t have to be the most efficient use of my time; the important point is that I build up momentum (an object in motion tends to stay in motion…). It is then easier to see where I am going and what I need to do to get there. In the Project Plan, our team broke down what we should each be accomplishing each week. However, somehow, this week I found myself not knowing where to begin. So, following my own advice, I just started. It didn’t really matter where I began, just that I did. So I started by downloading the hypervisor our team had decided to use to set up our virtual lab. We had decided on VMware Workstation Pro 17, for several reasons. I got it set up and designated where I would be storing our virtual machines. I could then move on to looking into where my team could download Disc Image Files (ISOs) for the Operating Systems we wanted to use on the virtual machines. This then led me to researching how VMware Workstation Pro 17 allows users to configure virtual networks. I went on from there. The technicalities aren’t the important part here. Once I got going, it became much easier to decide what I would do next.

Lastly, I wanted to mention something that I did not cover in the last blog post. Having a team can be great when you are faced with uncertainty. I recommend talking to them if you are feeling unsure about your direction. The process of bouncing ideas off of my teammates and discussing what each of us was doing helped me immensely in determining where I was going this week.

Closing Thoughts

I started off this week a bit worried to be honest. I am sure I’m not the only one. However, I am now feeling quite positive and confident (I hope you are too). Yet, I am hesitant to offer advice to anyone. Chances are that I do not know you well. However, I can say that my methods work well for me. This last week has only further demonstrated that for me. I believe part of it is getting to know yourself. Luckily, I am mostly aware of where my stress is stemming from. That allows me to target it. That being said, maybe my thoughts will resonate with someone else. I hope we all have a great term!

References

  1. “Malware Analysis,” EECS Project Portal. https://eecs.engineering.oregonstate.edu/capstone/submission/pages/viewSingleProject.php?id=pf4xE8KXc0Jf8Td8. [Accessed: Jan 25, 2023]