Profile: CyberDetect uses Morphological Analysis to detect unknown threats (produced by code modifications or obfuscations), targeted threats (designed to break a specific defense) and Automated Persistent Threats. Morphological analysis relies on abstracting control flow graphs from executable code, so that programs can be compared via their control flow graphs. Control flow graphs are built either from files or from execution traces. In the latter case, we run the program within a home-made environment which bypasses most anti-analysis mechanisms. We then use dynamic symbolic execution to improve the control flow graph. The set of tools has now been transferred to the new start-up Cyber-Detect, located in Nancy, France.
Expertise and Role in CONCORDIA: CYD will participate in all WPs and will bring its know-how on Automated Persistent Threat detection in an effort to create relevant services and tools in the CONCORDIA project. CYD will also contribute to CONCORDIA Certification activities.
Links: Cyber Detect