A desirable characteristic of programming code assessment is to provide the learner the most appropriate information regarding the code functionality as well as a chance to improve. This can be hardly achieved in case the number of learners is high (500 or more). In this paper we address the problem of risky code testing and availability of an assessment platform Arena, dealing with potential security risks when providing an automated assessment for a large set of source code. Looking at students' programs as if they were potentially malicious inspired us to investigate separated execution environments, used by security experts for secure software analysis. The results also show that availability issues of our assessment platform can be conveniently resolved with task queues. A special attention is paid to Docker, a virtual container ensuring no risky code can affect the assessment system security. The assessment platform Arena enables to regularly, effectively and securely assess students' source code in various programming courses. In addition to that it is a motivating factor and helps students to engage in the educational process.
Analysis of software behaviour and its other properties is largely used as a method for uncovering malicious features in software, especially in cases of unknown malware. Traditional malware signatures can be circumvented, e.g. by obfuscation, therefore in our endeavour to formulate malware behavioural signatures we study behaviour and various properties detectable in malware. However, in this article we present different point of view on this issue. In our experiments we analyse a set of freely available software that is harmless and compare data extracted from analysis with malicious programs. In this article we focus on results related to so-called packing and show that this typical malware feature may be present in harmless software as well.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.