Botconf 2015

Air-gap limitations and bypass techniques: “command and control” using Smart Electromagnetic Interferences

Botconf 2015 | Friday | 11:50 – 12:30
Chaouki Kasmi 🗣 | José Lopes Esteves 🗣 | Philippe Valembois 🗣

Air gaps are generally considered to be a very efficient information security protection. However, this technique also showed limitations, involving finding covert channels for bridging the air gap.


(Mostly) Polish threat landscape: not only VBKlip

Botconf 2015 | Wednesday | 14:20 – 14:50
Łukasz Siewierski 🗣

Last year, I presented a talk about Polish malware authors. Since then, we acquired even more knowledge and the Polish malware market evolved slightly. Of course, there still are “hacker” forums, which use simple, leaked and cracked keyloggers and


Sandbox detection for the masses: leak, abuse, test

Botconf 2015 | Wednesday | 14:00 – 14:20
Zoltan Balazs 🗣

Manual processing of malware samples became impossible years ago. Sandboxes are used to automate the analysis of malware samples to gather information about the dynamic behaviour of the malware, both at AV companies and at enterprises. Some


DGA clustering and analysis: mastering modern, evolving threats

Botconf 2015 | Wednesday | 12:40 – 13:00
Aliaksandr Chailytko 🗣 | Aliaksandr Trafimchuk 🗣 | Ron Davidson

Conficker was the first to introduce Domain Generation Algorithms to the malware world. Today’s modern malware practically uses it as a basic building block. Malware researchers have tackled this problem with various tools and


Behavior-driven development in malware analysis

Botconf 2015 | Friday | 15:20 – 16:00
Thomas Barabosch 🗣

A daily task of malware analysts is the extraction of behaviors from malicious binaries. Such behaviors include domain generation algorithms, cryptographic algorithms or deinstallation routines. Ideally, this tedious task would be automated. So far scientific solutions have not gotten beyond


A moose once bit my honeypot – A story of an embedded Linux botnet

Botconf 2015 | Friday | 14:40 – 15:20
Olivier Bilodeau 🗣

Embedded Linux platforms, labeled “Internet of Things” devices these days, have been increasingly targeted by malware authors in the last few years, with most infections resulting in the compromised system taking

