Malware Investigator

Thursday 25 September 09:00 - 09:30, Green room.

Jonathan Burns Federal Bureau of Investigation
Daniel Raygoza Federal Bureau of Investigation

  download slides (PDF)

The FBI's Operational Technology Division is responsible for research and reverse engineering of malware. The Division also develops analytic tools, including an automated malware analysis system that is now used by the bureau enterprise wide. This tool is known as the Binary Analysis Characterization and Storage System (BACSS) and it provides the FBI's investigators and net defenders with technical information about malware functionality as well as correlation so that investigators and incident responders can 'connect dots'. BACSS has been highly successful and won the 2012 ODNI Science and Technology award as well as the FBI's highest honour - the Director's Award for Technical Innovation.

Based on the success of BACSS, the FBI approved the development of a second unclassified malware analysis system that would be available to other government agencies, law enforcement, researchers and private sector partners. This system, known as Malware Investigator, will be in production by mid-2014.

In this presentation we will introduce Malware Investigator, discussing its analytic architecture, how it operates, what kind of information it produces, and how participants can gain access to the free tool. We will also discuss current research intended to enhance Malware Investigator's ability to characterize malware and uncover relationships between samples. The FBI's intent is to raise awareness and share the fruits of our research and development with others in the field, hopefully bringing the community closer together.

Click here for more details about the conference.

Jonathan Burns

Jonathan (Jon) Burns is a Supervisory Special Agent with the Federal Bureau of Investigation. Mr Burns is a program manager in the FBI's Advanced Digital Forensics Program, a program dedicated to addressing emerging technologies related to digital device forensics and the development of new analytic tools and techniques. He has served in this capacity for over eight years, at various times leading the Malware Reverse Engineering Program, the Tool Development Program, and the Advanced Digital Forensics Program. He works directly with investigators in the field and forensic analysts in his program to ensure that FBI's Special Agents have access to world-class experts to help move their investigations forward. Prior to his current position, Mr Burns' initial assignment with the Bureau was investigating international terrorism at the FBI's Washington Field Office, followed by several years as a cybercrime investigator.


We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.