O-checker: Detection of Malicious Documents Through Deviation from File Format Specifications describes a powerful tool, o-checker, that specializes in identifying documents containing malware-infected executable files. O-checker detected 96.1% of malicious files hidden in targeted email attacks in 2013 and 2014. Targeted email attacks normally inject malware in various document formats. This talk will examine the techniques used for hiding infected files and disclose why o-checker is projected to maintain a high malware detection rate.
Next-Generation of Exploit Kit Detection by Building Simulated Obfuscators reveals that exploit-kits are driving epidemic levels of malware delivery. Each exploit-kit has an obfuscator, which transforms malicious code to obfuscated code to bypass firewall detection. Many researchers examine the obfuscated page instead of the actual obfuscator, since purchasing an obfuscator that was utilized by an exploit-kit is incredibly expensive. This Briefing will introduce a cost-effective method of building simulated obfuscators to conduct in-depth examinations and reduce malware attacks.
An AI Approach to Malware Similarity Analysis: Mapping the Malware Genome With a Deep Neural Network introduces a new method of detecting malware code, which is easier to manage and more efficient than traditional systems. Standard malware detection systems require constant, manual effort in adjusting the formula to identify malware similarities. This new malware detection approach significantly reduces manual adjustments in the formula and is the first to use deep neural networks for code sharing identification. This talk will explain how the new malware detection approach operates and provide examples of its improved accuracy.
If you’re interested in a hands-on experience detecting malware, Hunting Malware Across the Enterprise teaches students how to track malware without having an obvious starting point. This nearly sold-out Training will dive deep into the threat landscape, indicators of compromise, and scripting, all of which will help in your search for malware. If you want to take a highly technical course that challenges malware defense mechanisms, check out Advanced Malware Analysis. This Training teaches students how to combat anti-disassembly, anti-debugging and anti-virtual machine techniques.
To stay up-to-date with the latest information security research, take a look at the Briefings and Trainings we’ve lined up for Black Hat USA 2016. We hope you join us at Mandalay Bay in Las Vegas, Nevada, July 30-August 4 for the biggest week in InfoSec.