<p>File sizes are increasing on a daily basis, and today's best tools are ill-suited to cope with the growing analytic load. Most tools are designed only to identify file formats or to crudely extract strings and match patterns, but our approach looks inside large binary objects, such as complex files and memory dumps, to find interesting but similar regions, such as text, code, variable- and fixed-length data structures, as well as the use of compression and encryption. As a result, an analyst needn't examine the entire file, but instead can hop from identified region to identified region, greatly speeding their work. This talk will also include the release of an extensible binary mapping tool that you can try out on your own.</p>
<p>Ben Sangster is a Computer Science Instructor at the United States Military Academy, West Point, NY. His research includes binary object identification in support of information assurance, behavior-based information security, and virtualization of computer science curriculum.</p>
<p>Roy Ragsdale is a computer science major at the United States Military Academy. His research interests include binary analysis, assembly language, and robotics. Roy is also a member of West Point's Parachute Team.</p>
<p>Greg Conti is an Assistant Professor of Computer Science at the United States Military Academy, West Point, NY. His research includes security data visualization and web-based information disclosure. He is the author of Security Data Visualization (No Starch Press) and Googling Security (Addison-Wesley). His work can be found at <a href="http://www.gregconti.com">www.gregconti.com</a> and <a href="http://www.rumint.org">www.rumint.org</a>.</p>