Software Security with CCCS Assemblyline
Posted on Monday, November 30th, 2020
| Client | Wynn Fenwick |
| Professor(s) | Wahab Almuhtadi, |
| Program | Computer Engineering Technology – Computing Science |
| Students | • Liam Henderson • Liam Henley-Vachon • Joshua Mukasa |
Project Description:
Assemblyline is a malware detection and analysis system developed by the Canadian Center for Cyber Security. We researched use cases where Assemblyline 4 beta could be included as part of a continuous integration pipeline as part of our research over the summer. We also extended Assemblyline with enhancements such as an extended CLI and a Python code linting service.
We learned about Python programming in the context of developing a service for Assemblyline as well as extending its CLI. We created Dockerfiles to run our service, and researched topics relating to docker and docker-compose. Code security was a major focus of this project, both from open-source and closed source projects. Google Cloud Platform was our choice for a VPS provider, and the majority of our work with Assemblyline was done on our GCP instance.
Short Description:
Assemblyline could be used in a Continuous Integration pipeline. Using a beta of version 4, we developed extended CLI functionality and a service that could perform static analysis of code, on top of developing use cases for Assemblyline in CI.
Funded By