Automated Mapping of Large Binary Objects

<p>File sizes are increasing on a daily basis, and today's best tools are ill-suited to cope with the growing analytic load. Most tools are designed only to identify file formats or to crudely extract strings and match patterns. Our approach instead looks inside large binary objects, such as complex files and memory dumps, to find interesting but similar regions, such as text, code, variable- and fixed-length data structures, as well as the use of compression and encryption. As a result, an analyst needn't examine the entire file, but can instead hop from identified region to identified region, greatly speeding their work. This talk will also include the release of an extensible binary mapping tool that you can try out on your own.</p>
