Black Hat //Webcast 36
Challenges and results in automatic malware analysis and classification
// Stefano Zanero
With the astonishing rate of new and modified malware samples being released daily, automation of analysis is needed to classify and cluster together similar samples, exclude basic and uninteresting variations, and focus costly manual analysis work on novel and interesting features. We will discuss the challenges in analyzing large malware datasets in a (semi)automatic fashion, and some recent research results that may help with the task.
Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an assistant professor with the Dipartimento di Elettronica e Informazione. His research focuses on intrusion detection, malware analysis, and systems security. Besides teaching "Computer Security" at Politecnico, he has extensive speaking and training experience in Italy and abroad, at both scientific and technical forums. He has co-authored over 30 scientific papers and books. He is an associate editor for the "Journal in Computer Virology". He is a Senior Member of the IEEE (covering volunteer positions at national and regional level), and of the IEEE Computer Society (for which he is the current chair of the Italy chapter). He is also a member of the ACM. Stefano co-founded the Italian chapter of ISSA (Information System Security Association), and sits on the International Board of Directors of the same association. In 2004, Stefano founded Secure Network, a boutique security consultancy based in Milano, Italy. Secure Network's consultants and alumni are regular speakers at security conferences worldwide.
Chris Larsen, Malware Research Team Leader, Blue Coat Systems, Inc.
Chris has 20+ years of experience in writing code and natural language processing. At Blue Coat, he leads the Malware Research Team, with a focus on Internet malware vectors. He edits the Blue Coat Security Blog (www.bluecoat.com/security/blog) and is one of its main contributors. He also develops Asian language modules for Blue Coat's WebPulse system. Earlier, he was the lead engineer and linguist developing Blue Coat's real-time rating software. Prior to joining Blue Coat, he co-founded and was VP of Technology at LinguaTech International. Chris holds a BS in Computer Science and a Masters in Linguistics.
Blue Coat Systems is a leading provider of web security and WAN optimization solutions that secure and optimize the flow of information to any user, on any network, anywhere. Blue Coat offers the visibility, acceleration and security required to enable the enterprise to tightly align network investments with business objectives, speed decision making and secure business applications for a long-term competitive advantage. Blue Coat also enables service providers to save bandwidth and improve end-user web experiences with carrier-grade caching solutions that support managed security and WAN optimization services. Blue Coat is trusted by 85% of the Fortune® Global 500.