Internet-Scale File Analysis
Offered By: Black Hat via YouTube
Course Description
Overview
Explore an advanced system for large-scale malicious file analysis in this 46-minute Black Hat conference talk. Delve into the challenges of analyzing diverse file types beyond traditional PE32 files, including PDFs and Office documents. Learn about TOTEM, a cloud-based orchestration system capable of coordinating and scaling malware analytics across multiple providers and thousands of instances. Discover how TOTEM intelligently segregates work based on file type, analysis duration, and computational complexity. Examine DRAKVUF, an open-source dynamic malware analysis system designed for unparalleled scalability, stealth, and visibility. Understand how DRAKVUF leverages Intel's hardware virtualization extensions and the Xen hypervisor to remain hidden from executing samples while monitoring both kernel-mode rootkits and user-space applications. Gain insights into the design, implementation, and practical deployment of TOTEM and DRAKVUF for analyzing vast numbers of binary files at an internet scale.
Syllabus
Internet-Scale File Analysis
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube