Description: The purpose of this talk is to provide an overview of malware defenses that attempt to hinder reverse engineering efforts and provide methods and resources to overcome those obstacles. Malware authors often don't want defenders to be able to understand their creations because defenders could then create defenses and indicators of compromise. Anti-disassembly, anti-debugging, anti-virtualization, and packing will be discussed, as well as methods to overcome common implementations. Creation of indicators of compromise and defenses for after the malware's shields are down will also be covered. It is my hope that participants will gain the basic skills and confidence to immediately start safely investigating armored malware in order to thoroughly understand and defend against infections.
Bio: Tyler is a threat researcher for Fidelis Cybersecurity, where he gets to work with an amazing team. Tyler's main research interests are in reverse engineering and malware analysis. He is currently working on his doctorate in computer science. He is a SANS Lethal Forensicator and has several industry certifications, including the CISSP and GREM. He likes to stay involved in the security community through several organizations and has spoken at various conferences and meetings. He also posts on his personal blog at www.tylerhalfpop.com and on Twitter as @tylerhalfpop.
For more information, please visit: http://circlecitycon.com/
http://www.irongeek.com/i.php?page=videos/circlecitycon2015/mainlist
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.