Generating YARA Rules by Classifying Malicious Byte Sequences
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a 27-minute Black Hat conference talk on developing an interpretable machine learning model for generating optimized malware detection signatures. Dive into the process of creating YARA rules by classifying malicious byte sequences, achieving high detection rates with minimal false positives. Learn about stacking convolutions, model training techniques, and signature generation methods. Discover how this approach combines the benefits of machine learning with the transparency and efficiency of signature-based detection for ELF executables targeting i386 and amd64 architectures.
Syllabus
Intro
intro & motivation
making an interpretable model
stacking convolutions
how the model works
model training - finding needles in a haystack
model training - top-k selection
training the model fitting onto a su
training the model - reducing FPS
signature generation - in bulk
signature efficacy
future work
Taught by
Black Hat
Related Courses
Introduction to Artificial IntelligenceStanford University via Udacity Natural Language Processing
Columbia University via Coursera Probabilistic Graphical Models 1: Representation
Stanford University via Coursera Computer Vision: The Fundamentals
University of California, Berkeley via Coursera Learning from Data (Introductory Machine Learning course)
California Institute of Technology via Independent