Finding the Signal in the Noise - Quantifying Advanced Malware
Offered By: YouTube
Course Description
Overview
Explore advanced malware analysis techniques in this 44-minute conference talk from DerbyCon 3.0. Delve into the process of finding valuable insights within large datasets of malware samples. Learn about the initial goals of the research, the importance of sample size, and the results obtained from day one analysis. Discover insights on signed binaries, Microsoft's role, APT wonders, and Android keys. Examine the PCKey issuer and discuss next steps for improving malware analysis, including better grouping methods and identifying active threats. Understand why Cuckoo Sandbox is not utilized in this approach. Gain valuable knowledge to enhance your ability to quantify and analyze advanced malware in the ever-evolving cybersecurity landscape.
Syllabus
Intro
You can find nuggets of gold
Our initial goals
Size does matter
Results
Day 1 Analysis
Signed binaries
Microsoft King
APT Wonders
Android Keys
PC
Key
issuer
next steps
better grouping
who is active
why we dont use Cuckoo
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network