The Communications Security Establishment (CSE), Canada’s main signals intelligence agency, has open-sourced a malware scanning and analytics tool called AssemblyLine by releasing its code. AssemblyLine can analyze massive volumes of files and rebalance its workload automatically.
During the scanning process, each file is assigned a unique identifier, and user-defined analytics engines scan it to assess the maliciousness of the code. The file is then assigned a score accordingly, and if a file is identified as malicious, it has to go through other protective mechanisms.
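
The workflow described above (identify the file, run user-defined engines, total a score, route on the result), as an added sketch that is not AssemblyLine's or the CSE's code. The SHA-256 identifier, both engines, the marker strings, the score values, the 500 threshold and the verdict names are all assumptions made for illustration.

```python
import hashlib
import math
from collections import Counter

MALICIOUS_THRESHOLD = 500  # assumed cut-off; the article gives no scoring scale

def entropy_engine(data: bytes) -> int:
    """Hypothetical engine: near-random bytes suggest packed or encrypted content."""
    if not data:
        return 0
    n = len(data)
    bits = -sum(c / n * math.log2(c / n) for c in Counter(data).values())
    return 300 if bits > 7.2 else 0

def marker_engine(data: bytes) -> int:
    """Hypothetical engine: constructed marker strings stand in for signatures."""
    markers = {b"EXAMPLE-DROPPER-MARKER": 600, b"EXAMPLE-MACRO-MARKER": 250}
    return sum(score for marker, score in markers.items() if marker in data)

ENGINES = {"entropy": entropy_engine, "markers": marker_engine}  # user-defined set

def scan(data: bytes, cache: dict) -> dict:
    """Identify the file, run every engine, total the scores, pick a verdict."""
    file_id = hashlib.sha256(data).hexdigest()  # assumption: content hash as the ID
    if file_id in cache:  # identical content is scored once, however often it arrives
        return cache[file_id]
    scores, failed = {}, []
    for name, engine in ENGINES.items():
        try:
            scores[name] = engine(data)
        except Exception:
            failed.append(name)  # a crashed engine must not read as "clean"
    total = sum(scores.values())
    if total >= MALICIOUS_THRESHOLD:
        verdict = "malicious"      # hand off to other defensive mechanisms
    elif failed:
        verdict = "needs-review"   # incomplete scan: route to an analyst
    else:
        verdict = "no-action"
    cache[file_id] = {"id": file_id, "scores": scores, "failed": failed,
                      "score": total, "verdict": verdict}
    return cache[file_id]

if __name__ == "__main__":
    cache = {}
    for sample in (b"quarterly report text",                  # constructed inputs
                   b"header EXAMPLE-DROPPER-MARKER trailer"):
        report = scan(sample, cache)
        print(report["id"][:12], report["score"], report["verdict"])
```

Keying the cache on the content hash is what lets a pipeline like this absorb large volumes of duplicate files, and treating an engine failure as "needs-review" keeps a crash from being recorded as a clean result.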
The CSE hopes that by making the code open-source and free, the information security (InfoSec) community will be able to build more tools and come up with innovative ways of detecting malicious files. Interested users can access the AssemblyLine source code at Atlassian’s Bitbucket repository. It is worth noting that the CSE made the software public without commercial or proprietary technology.
This isn’t the first time an agency has released the source code of its software: the US National Security Agency (NSA) has publicly released a number of infosec tools, such as Security-Enhanced Linux (SELinux), and Britain’s Government Communications Headquarters (GCHQ) also has a code repository on GitHub and has already made various tools open-source.
The primary purpose of AssemblyLine is to spare analysts from having to manually inspect every file, giving them enough time and space to focus on incoming malware. Mainstream anti-virus programs like Kaspersky, McAfee, BitDefender, and F-Secure can also be used for scanning with AssemblyLine, and the tool can connect to the VirusTotal anti-virus scanning service through an application programming interface (API) key.
CSE’s IT security head Scott Jones told CBS News that AssemblyLine is “a tool that helps our analysts know what to look at because it’s overwhelming for the number of people we have to be able to protect things.”
The CSE has dubbed it an “unprecedented step” as it is the first electronic spy agency that has released its own developed cyber defense tool to the public. The agency hopes that organizations will be able to better defend their data and sites from cyber threats.
Bill Robinson, an independent researcher who is part of the University of Toronto’s Citizen Lab, has dubbed the CSE’s step a “big change” and “a sea of change.” As for AssemblyLine, the tool is available on Bitbucket.