[Vol-dev] ITES and logformat

Hello My name is Thorsten Sick, I am Researcher at Avira. Currently I am part of the ITES project. This project's aim is to develop detection/protection technology using the benefits from a guest system running in a virtual machine. Short: Sensors in the VM and in the hypervisor layer. One of my first steps would be to automate Malware analysis and use some big guns. Volatility would be a big gun. Combined with cuckoobox it could be very powerful. But for that volatility needs: - A log format that could be parsed in a simple way (JSON ?) for the plugins - Maybe some nice API to control it from Cuckoobox I am ready to implement that. But before doing stuff only half I would love to hear your opinion. Especially if you have some whishes what exactly should be in those logs, please tell me. If you maintain a plugin, please tell me. I am ready to write the log code or we try to figure out a format and you can code it yourself. What I am doing here should have benefits for the community-if done right. You can also find me in the IRC. Thanks Thorsten -- Thorsten Sick, Research Avira Operations GmbH & Co. KG Kaplaneiweg 1 88069 Tettnang Germany Phone: +49 7542-500 0 Fax: +49 7542-500 3000 Internet: http://www.avira.com