本專題之目標在於架設 分散式惡意軟體分析系統 ,讓惡意軟體分析工作可以平行化的進行,大量減少分析時所需要的時間。
我們採用 master 與 worker 的架構來實作分散式系統,並透過自行撰寫的 master agent 與 worker agent 來執行工作的分配與report 的回傳。
-
Follow the cuckoo installation manual to setup cuckoo system enviornment.
-
Run server agent on cuckoo master node
$ java -jar cuckooServer.jar
- Run client agent on cuckoo slave node
$ java -jar cuckooWorker.jar
-
Cuckoo master will distribute malware samples to cuckoo slave and start analyzing tasks.
-
After finished tasks, cuckoo slave will transmit report (.html & .json) back to master.
- Time consumption of analyzing 50 malware samples using standalone cuckoo and distributed cuckoo system.
- Time of analysis tasks with various resources in distributed cuckoo system
- 李士暄 [email protected]
- 葉展奇 [email protected]
Please contact me via the email above. Thanks
For more detail infomration, please refer to 開源期末專題報告