Distributed and collaborative malware analysis with MASS

Malicious software poses a great risk to critical infrastructure. Researchers have proposed numerous ways to analyze malware behavior in order to understand and respond to this threat. However, only little attention has been paid to the organization of the malware analysis process itself. In this paper we present the Malware Analysis and Storage System (MASS), a novel framework for malware analysis. MASS is designed as a distributed and scalable system and aims to empower cooperation between malware researchers. We will describe the central aspects of the framework and explain the malware analysis process flow. Furthermore, we will present a performance evaluation to demonstrate the suitability of the framework for typical malware analysis tasks