Botconf Author Listing

Solomon Sonya


Last known affiliation: Purdue University
Bio: Solomon Sonya is a cybersecurity practitioner and Computer Science Instructor specializing in software development, reverse engineering, applied Artificial Intelligence & Machine Learning, and digital forensics. With over a decade of experience in threat intelligence and network exploitation, he has developed innovative solutions for analyzing and mitigating cyber system vulnerabilities. Solomon’s previous speaking engagements include: Shmoocon, DEFCON, Black Hat, LeHack in Paris, Sec-T, Area41, HackCon Norway, BruCon, CyberCentral – Prague and Slovakia, Hack.Lu, BotConf, and many more.
  
Date: 2022-04-26
Mastering Advanced Memory Analysis For Fun & Profit
Solomon Sonya 🗣

Abstract

Malware continues to advance in sophistication and prevalence. Well-engineered malware can obfuscate itself from the user, network, and even the operating system running host-based security applications. But one place malware cannot easily hide itself is within volatile computer memory (RAM). Although an essential part of detection engineering and exploit development, memory analysis is not trivial to master. Additionally, inefficiencies exist within the current approach of conducting memory analysis, resulting in greater consumption of time and resources while reducing analysis accuracy.
This workshop solves this problem by delivering a new tool that provides advanced memory analysis and releases a new construct that revolutionizes memory forensics. Additionally, this tool provides new correlation algorithms, user interaction, and plugin aggregation to enhance analysis, increase accuracy, and completely automate the process for you, saving hours of analysis time. Lastly, this tool provides a true snapshot analysis, providing a better mechanism to discover and extract indicators of compromise during malware analysis. Exploit developers, reverse engineers, digital forensics experts and incident responders will walk away with a new toolkit that will revolutionize the way we perform memory forensics at the conclusion of this workshop.

TLP:CLEAR
Date: 
AI and NLP for Advanced Malware Classification & Malware Family Attribution
Solomon Sonya 🗣

Abstract

Malware creation and proliferation are on the rise! Generative AI and large language models (LLMs) exacerbate this issue by assisting in malware code creation and automating malware binary development, accelerating the spread of malicious software. Traditional detection mechanisms, including antivirus software, fail to adequately detect novel and varied malware. While academia & industry have studied malware classification techniques for many decades, challenges such as malware dataset standardization, sample diversity, and dataset sample size have limited the generalizability and effectiveness of these classification techniques using updated, real-world datasets. This is a practical hands-on talk in Artificial Intelligence and Natural Language Processing (NLP) that teaches the audience exactly how to analyze malware using NLP and build AI classifiers for malware detection and malware family attribution. Participants will walk away with new state-of-the-art AI models to analyze malware using NLP, starting from a corpus of malicious binaries and ending with analysis from our AI models. More importantly, participants will learn how to convert these advanced frameworks into any domain in cybersecurity. Many people like to say they “use AI” without truly knowing what is going on. This talk will actually teach and demonstrate how to code and train these AI models and apply these models to solve real-world problems.
