Advanced Techniques for Real Time Detection of Polymorphic Malware

Explore advanced techniques for real-time detection of polymorphic malware in this 25-minute conference talk from BSidesSF 2016. Delve into various methods used to identify and classify malware that evades traditional signature-based detection. Learn about approximation matching algorithms like ssdeep and newer approaches using bloom filters. Compare the efficiency and performance of these algorithms in detecting polymorphic threats. Discover techniques to reduce lookup time for comparing new files against large databases of existing hashes, enabling faster detection of similar files. Examine the application of these methods to polymorphic malware classification, supported by real-world data analysis. Gain insights into the performance of these algorithms, considering both speed and success rates in practical scenarios.

BSidesSF 2016 - Adv techniques for real time detection of polymorphic malware (Ajit Thyagarajan)