O-Checker - Detection of Malicious Documents Through Deviation From File Format Specifications
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a 19-minute Black Hat conference talk that delves into the detection of malicious documents through deviations from file format specifications. Learn about the O-Checker tool, which examines various document formats used in targeted email attacks in Japan from 2009 to 2012. Discover how the tool focuses on anomalous structures within Rich Text Format, Compound File Binary, and Portable Document Format files to identify hidden executable files. Gain insights into eight classified anomalous structures and understand how O-Checker achieved a 96.1% detection rate for malicious files used in targeted email attacks in 2013 and 2014. Examine the effectiveness of this approach, which capitalizes on the stability of document file formats compared to document processors, potentially offering a long-term solution for malware detection.
Syllabus
O-Checker: Detection of Malicious Documents Through Deviation From File Format Specifications
Taught by
Black Hat
Related Courses
Malicious Software and its Underground Economy: Two Sides to Every StoryUniversity of London International Programmes via Coursera Palo Alto Networks Cybersecurity Essentials II
Palo Alto Networks via Coursera Introducción al Análisis del Malware en Windows
National Technological University – Buenos Aires Regional Faculty via Miríadax Android Malware Analysis - From Zero to Hero
Udemy How to Create and Embed Malware (2-in-1 Course)
Udemy