PPT-Malware Incident Response

Dynamic Analysis 2 CIS 6395 Incident Response Technologies Fall 2016 Dr Cliff Zou czoucsucfedu Acknowledgement Javier Nieto Hacking Blog httpwwwbehindthefirewallscom201311hacklucapturingflagv10html. MSc Information Security . Project 2013/2014. Author: Nicholas . Aquilina. Supervisor: . Dr. Konstantinos . Markantonakis. Aims and . Objectives of Project. Understand and . analyse. . current malware strategies. 2012 . IEEE/IPSJ 12. th. . International . Symposium on Applications and the . Internet. 102062596 . 陳盈妤. 1. /10. Outline. Introduction of proposed method. Previous works by catching random behavior. Sophisticated Criminals or . Babytown. Frolics?. Ryan Merritt. Josh Grunzweig. Who We Are. Josh Grunzweig. Security Researcher. Malware Reverser. Dabbles in Ruby. Homebrewer. Ryan Merritt. Security Researcher. Connor Schnaith, Taiyo Sogawa. 9 April 2012. Motivation. “. 5. 000 . new. malware samples per day”. --David Perry of Trend Micro. Large variance between attacks. Polymorphic attacks . Perform the same function. CS 598: Network Security. Michael Rogers & Leena Winterrowd. March 26, 2013. Types of Malware. Image courtesy of prensa.pandasecurity.com. Types of Malware. Viruses 16,82%. Trojan horses. 69.99%. Chapter 11: Malware Behavior. Chapter 12: Covert Malware Launching. Chapter 13: Data Encoding. Chapter 14: Malware-focused Network Signatures. Chapter 11: Malware . Behavior. Common functionality. Downloaders. 2013 international conference on computing , networking and communications, communications and information security symposium. Author : . Saeed. . Nari. , Ali A. . Ghorbani. . /17. 1. Speaker : Wen Lin Yu . Suman Jana and Vitaly Shmatikov. The University of Texas at Austin. All about sophisticated detection and evasion techniques. Polymorphism, metamorphism, obfuscation… . Modern malware research. All about sophisticated detection and evasion techniques. Software Engineering Institute. Carnegie Mellon University. Pittsburgh, PA 15213. Nancy R. Mead. Copyright . 2017 . Carnegie Mellon University. This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center.. Lesson 20. Computer Crime. The corporate world is beginning to understand that computers are just another medium for crime.. According to the 1999 CSI/FBI survey. average bank robbery yields $2,500. average computer crime nets $500,000. Meltem Ozsoy. *. , Caleb . Donovick. *. , . Iakov. . Gorelik. *. ,. Nael. Abu-. Ghazaleh. **. and Dmitry . Ponomarev. *. *. Binghamton University, . **. University of California, Riverside. HPCA 2015 - San Francisco, CA. Erdal Ozkaya . Raymond Comvalius. CISO . Infrastructure Architect. Emt. Holding . NEXTXPERT. Module Agenda. First response at a malware attack. Recognizing. malware. Identifying. UTSA IS 6353 Security Incident Response. Overview. Detection of Incidents. Basic IDS Theory. Types of IDSes. UTSA IS 6353 Security Incident Response. What is an Incident?. Incident. - an event in an information . Hazardous Materials: Managing the Incident CHAPTER 4 The Eight Step Process © : An Overview Introduction (1 of 2) On-scene response operations must: Be based on a structured and standardized system of protocols and procedures