Replacing the core library of Quark-Engine
- Mentors
- JunWei Song, KunYu Chen
- Organization
- The Honeynet Project
In this proposal, I mainly focus on two dimensions provided by Quark-Engine, including resilience and performance. According to the mentor, there are some critical issues needed to solve below.
Resilience
For maintainability, it is necessary to deprecate Androguard, which is not a maintained library anymore, for Quark-Engine. Radare2 is an alternative tool recommended by the mentor and can replace all the functions of Androguard. The proposal aims at continuously improving the new core library until it is reliable enough to be used in Quark-Engine.
Performance
Quark-Engine consumes many resources when analyzing a big file due to the core library and the sequential computation. We found that replacing Androguard can solve the former issue. And introducing parallel computing solves the latter, too. As a result, I plan to make Quark-Engine parallel with the following improvement strategy.
- Optimize the analysis algorithm.
- Introduce the concept of parallel computing into Quark-Engine.