PPT-Using Malware Analysis to Identify Overlooked Security Requ

Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213 Nancy R Mead Copyright 2017 Carnegie Mellon University This material is based upon work funded and supported by the Department of Defense under Contract No FA872105C0003 with Carnegie Mellon University for the operation of the Software Engineering Institute a federally funded research and development center. MSc Information Security . Project 2013/2014. Author: Nicholas . Aquilina. Supervisor: . Dr. Konstantinos . Markantonakis. Aims and . Objectives of Project. Understand and . analyse. . current malware strategies. MARS.MTC.SRI.COM. Motivation. Malware landscape is diverse and constant evolving. Large botnets. Diverse propagation vectors, exploits, C&C. Capabilities – backdoor, keylogging, rootkits,. Logic bombs, time-bombs. 2012 . IEEE/IPSJ 12. th. . International . Symposium on Applications and the . Internet. 102062596 . 陳盈妤. 1. /10. Outline. Introduction of proposed method. Previous works by catching random behavior. Sophisticated Criminals or . Babytown. Frolics?. Ryan Merritt. Josh Grunzweig. Who We Are. Josh Grunzweig. Security Researcher. Malware Reverser. Dabbles in Ruby. Homebrewer. Ryan Merritt. Security Researcher. Journey to a “Real Living Wage”. The Bare Necessities … . More than two out of five NYC households – over . 940,000. households – lack enough income to cover necessities such as food, shelter, health care, and child care.. Today's security check-up and malware for the rest of us. Jared DeMott, . lifelong haX0r. Qualified for this talk?. You decide … rounded out by groups, cons, and talks like this. NSA. My deep dive into a whole new world - security focused. Connor Schnaith, Taiyo Sogawa. 9 April 2012. Motivation. “. 5. 000 . new. malware samples per day”. --David Perry of Trend Micro. Large variance between attacks. Polymorphic attacks . Perform the same function. 2013 international conference on computing , networking and communications, communications and information security symposium. Author : . Saeed. . Nari. , Ali A. . Ghorbani. . /17. 1. Speaker : Wen Lin Yu . and . Next Generation Security. Joe Metzler, Network Security Architect, Intel Security. 2. Source: McAfee Labs Threats Report: First Quarter 2014. Threat Landscape . New threats every minute, or . almost 4 every . Insert Copyright statement here. See notes page for Copyright Text.. February 9th, 2017. Contributing Analyst, Patrick Donegan. Agenda. . Key Trends. Mobile Security Threats. Progress In Software Programmability. Analysts. “Decrease exposure time from . d. etection to . e. radication”. Garrett Schubert – EMC Corporation. Critical Incident Response Center. Incident Response\Content Lead. Surgery on the front lines. Online Ba n king Channels T he t h r e a t – DYRE and GOZI Trojan malware :  While neither threat is new, s ecurity analysts have detected a recent rise in fraud attempts using two variants of Christoph Csallner. , University of Texas at Arlington. . http://ranger.uta.edu/~csallner/. . Joint work with: . Shabnam Aboughadareh. This material is based upon work supported by the National Science Foundation under Grants No. 1017305, 1117369, and 1527398. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.. Computer Security. The goal of computer security is to protect computer assets (. e.g.,. servers, applications, web pages, data) from:. corruption. unauthorized access. denial of authorized access. malicious software.