Yuriy Yuzifovich
Last known affiliation: Alibaba Cloud
Anastasia Poliakova 🗣 | Andreas Pfadler 🗣 | Yuriy Yuzifovich | Ali Fakeri-Tabrizi | Gan Feng | Hongliang Liu | Thanh Nguyen
Abstract (click to view)
In this session, we will present our approach for detecting newly emerging malware on a cloud platform and predicting its behavior, and doing so before VirusTotal or any other 3rd party detection engine can report it.
We will specifically describe our methodology for detecting emerging malware and predicting its behavior by combining an anomaly detection engine (we refer to as ‘GAD’ – General Anomaly Detection system), and a graph pattern-learning machine.
Yuriy Yuzifovich 🗣 | Hongliang Liu | Alexey Sarychev | Amir Asiaee
Abstract (click to view)
We propose and implement a novel method of discovering botnet activities by identifying new core domains (domains that are directly below a TLD) that appear in real-time DNS query traffic as suspicious, and discovering botnet C&C groups using a domain correlation machine learning model. This method discovers botnet C&C groups before security list vendors which it is benchmarked against.