Malware Analysis 101

Presentation transcript:

Malware: malicious software which is specifically designed to disrupt, damage, or gain unauthorized access to a computer system. Analysis: detailed examination of the elements or structure of something. 101: showing the most basic knowledge about a subject.

C:\>whoami
"AC" @AndrewCostis
Threat Research & Incident Response Engineer

Goals of Malware Analysis:
- Risk
- Impact
- Commodity vs targeted
- Defence!
- IOCs / TTPs
- Attribution
- Threat intel reports
- Fun!
- Profit! $$$

Compile (top to bottom) / Disassemble (bottom to top):
  Source code:   if (varX == 001EFD70)
  Assembly code: mov eax, varX
  Machine code:  8B F0
  Binary code:   01101011

Code Patterns:
  Assembly:
    mov eax, varX
    cmp eax, 0x01EFD704
    jne codeB
    ; run code A
    jmp end
    codeB:
    ; run code B
    end:
  Source:
    if (varX == 0x01EFD704) { run code A } else { run code B }
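The compile chain and the if/else code pattern above, worked through in code: an added example (not the presenter's material) that decodes a constructed 16-byte x86 snippet using the slide's encodings (mov eax,[moffs32] / cmp eax,imm32 / jne rel8 / jmp rel8) back to assembly and then recognises the cmp/jne/jmp shape as an if/else, exactly the bottom-up direction an analyst works in. The byte string, the `decode`/`fmt`/`recover_if_else` names and the nop stand-ins for "code A"/"code B" are assumptions for this illustration.

```python
import struct

# Constructed 16-byte x86 snippet mirroring the slide's pattern:
#   mov eax,[varX] ; cmp eax,0x01EFD704 ; jne B ; A: nop ; jmp end ; B: nop ; end:
# varX's address (0x001EFD70) and the constant are the values shown on the slides.
SAMPLE = bytes.fromhex("A1 70FD1E00 3D 04D7EF01 75 03 90 EB 01 90")

def decode(code, base=0):
    """Linear-sweep decode of the few encodings the pattern uses.
    Returns (address, mnemonic, operand) tuples; jumps carry their resolved target."""
    insns, pc = [], 0
    while pc < len(code):
        op, addr = code[pc], base + pc
        if op == 0xA1:                                   # A1 moffs32: mov eax, [addr]
            (moffs,) = struct.unpack_from("<I", code, pc + 1)
            insns.append((addr, "mov", moffs)); pc += 5
        elif op == 0x3D:                                 # 3D imm32: cmp eax, imm32
            (imm,) = struct.unpack_from("<I", code, pc + 1)
            insns.append((addr, "cmp", imm)); pc += 5
        elif op in (0x75, 0xEB):                         # 75/EB rel8: jne / jmp
            (rel,) = struct.unpack_from("<b", code, pc + 1)
            insns.append((addr, "jne" if op == 0x75 else "jmp", addr + 2 + rel)); pc += 2
        elif op == 0x90:                                 # nop: stand-in for a code block
            insns.append((addr, "nop", None)); pc += 1
        else:                                            # anything else: emit raw byte
            insns.append((addr, "db", op)); pc += 1
    return insns

def fmt(insn):
    addr, mn, arg = insn                                 # render one tuple as assembly text
    if mn == "mov": return f"{addr:04X}: mov eax, [0x{arg:08X}]"
    if mn == "cmp": return f"{addr:04X}: cmp eax, 0x{arg:08X}"
    if mn in ("jne", "jmp"): return f"{addr:04X}: {mn} 0x{arg:X}"
    return f"{addr:04X}: {mn}" + (f" 0x{arg:02X}" if mn == "db" else "")

def recover_if_else(code, base=0):
    """Match mov/cmp/jne plus the jmp closing block A; return the if/else layout or None."""
    insns = decode(code, base)
    for i in range(len(insns) - 2):
        (_, m0, var), (_, m1, const), (jaddr, m2, b_addr) = insns[i:i + 3]
        if (m0, m1, m2) != ("mov", "cmp", "jne"):
            continue
        a_addr = jaddr + 2                               # fall-through after jne = block A
        end = next((t for a, m, t in insns if m == "jmp" and a_addr <= a < b_addr), None)
        return {"var": var, "const": const, "code_a": a_addr, "code_b": b_addr, "end": end}
    return None

if __name__ == "__main__":
    print("\n".join(fmt(i) for i in decode(SAMPLE))); print(recover_if_else(SAMPLE))
```

The recovered dictionary is the source-level `if (varX == 0x01EFD704) { code A } else { code B }` of the slide, with block A at the jne fall-through, block B at the jne target and `end` at the jmp target.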

Types of Analysis:
- Executable files (.exe, .elf)
- Office docs (.xls, .doc, .pdf)
- Scripting (JS, Python, Perl)
- Memory forensics

Knowledge:
- OS internals
- Intel x86 CPU & assembly
- File formats
- RFCs
- Coding

Tools:
- Network sniffer
- Virtualization vs HW vs cloud
- Sandbox
- Monitoring tools
- Debugger (advanced)
- Disassembler (advanced)
- Malware!

Static vs Dynamic

Static (advanced): IDA Pro - disassembler

Dynamic (advanced): Olly - debugger

Evasive Tactics

- Code obfuscation
- VM escape
- Junk code
- IsDebuggerPresent API
- Targets specific OS
- Time/date based
- And many more!!

Personality Traits:
- Team player
- Patient
- Persistent
- Inquisitive
- Articulate
- Crazy?!

Sharing IS Caring!

RTFM / Questions?