PPT-Enabling Distributed Threat Analysis: Common Attack Patterns and Malware Characterization

Sean Barnum Penny Chase Aug 2011 Premise Building secure systems and effectively responding to incidents requires an understanding of the relevant threats An actionable understanding of todays . Author : . Yajin. Zhou, . Xuxuan. Jiang. TJ. Index of this paper. Introduction. Malware Timeline. Malware Characterization. Malware Installation. Repackaging. Update Attack. Drive-by Download. Others. MARS.MTC.SRI.COM. Motivation. Malware landscape is diverse and constant evolving. Large botnets. Diverse propagation vectors, exploits, C&C. Capabilities – backdoor, keylogging, rootkits,. Logic bombs, time-bombs. By: Shane . Binkerd. , Shane Moreland,. Travis . Gardner. Amphimix. Appeared . in . 2004. Trojan Horse. D. isguised . as an MP3 . file. Including . the MP3 . icon. Leap. First . appeared in 2006. Worm. 11 Most Common Computer Security Threats (Virus). Threat #1: Virus. A . virus. is a piece of software that can replicate itself and infect a computer without the permission or knowledge of the user. with Open Source tools. Cornerstones of Trust 2014. @. jaimeblasco. @. santiagobassett. Presenters. JAIME BLASCO. Director . AlienVault. Labs. Security Researcher . Malware Analyst. Incident Response. and . Next Generation Security. Joe Metzler, Network Security Architect, Intel Security. 2. Source: McAfee Labs Threats Report: First Quarter 2014. Threat Landscape . New threats every minute, or . almost 4 every . Sean O’Neil. Cyber security advisor. Sean O’Neil; Over 30 years experience in the Police. Previous role was Detective Chief Inspector with regional major crime unit.. Senior Investigating Officer (SIO) for Murder, kidnap, extortion and product contamination. Mike Grimm. November 8, 2012. Goals for a Security Development Process (“SDL”). Secure by Design. Reduce the number of vulnerabilities. Which reduces the number of security updates. But you can never remove all vulnerabilities. Next-Gen Endpoint Protection. July 2017. Larry Herzog Jr., CISSP. Channel Sales Engineer. HD Phishing. 2. Locally targeted. 3. RTB. Ad network. Third party. Malvertising. threat chain. No site is immune. 2016. IBM X-Force . Threat . Intelligence Report. Chris Poulin. Research Strategist, X-Force. IBM Security. April 2016. IBM . X-Force. is the foundation for advanced security and threat research across the IBM Security Framework.. Santiago Polo. Sr. Systems Engineer. Palo Alto Networks, Inc.. About Palo Alto Networks. Palo Alto Networks is the . Network . Security . Company. World-class team with strong security and networking experience . and . Next Generation Security. Joe Metzler, Network Security Architect, Intel Security. 2. Source: McAfee Labs Threats Report: First Quarter 2014. Threat Landscape . New threats every minute, or . almost 4 every . Analysts. “Decrease exposure time from . d. etection to . e. radication”. Garrett Schubert – EMC Corporation. Critical Incident Response Center. Incident Response\Content Lead. Surgery on the front lines.