Optimizing Malware Analysis

In the spring semester of 2023, I had the opportunity to intern under the Naval Information Warfare Center Pacific for cybersecurity. One of the major tasks we were given as interns was to find a problem related to cybersecurity and conduct research in order to provide a solution. I was interested in malware analysis at the time, so I decided to do my project on the current techniques and protocols used. That is, how the current techniques and protocols can be improved significantly. The entire research project took around 200 hours to complete.

As a full-time student and the sole researcher on this project, it was imperative that I managed my time well and stuck to my deadlines. Not only was I responsible for conducting the research, it was crucial to analyze and connect this research to discover a potential improvement. In my case, I had discovered that dynamic malware analysis could be more efficient if samples were run for a more specific amount of time. The longer it runs, the more diminishing returns there are, wasting the valuable time of analysts. Another recommendation I made was to alter the system of how malware is triaged/classified. The details can be found in the essay linked below.

Being my first internship, this was a great opportunity to develop myself professionally while learning new computer science concepts. I feel that I strengthened my own writing skills, and I also learned how to use Microsoft Office tools for the first time. Towards the end of the internship, we had to present our findings to local politicians, NIWC employees, students, and professors. This was a great opportunity to practice being able to explain my ideas and findings in a way that is understandable by anyone, and adjusting for more or less technical audiences. I am very grateful for this opportunity, as I gained valuable experience and skills for my future career.

You can read my research paper here: Achieving Consistency and Efficiency in Malware Analysis.