With the rise in the number of targeted attacks against government and private companies, there is a clear need for automated exploit analysis and filtering of document file formats.
There is a large number of companies offering solutions and products claiming to be able to detect these kinds of threats (APTs). Our talk will cover the current drawbacks of these systems and how to perform intelligent analysis on a huge number of exploits. The aim of the talk is to explain the intelligence that we have added to our automation system using dynamic instrumentation and hybrid analysis, so that users can learn and use these techniques to detect targeted attacks and automate exploit analysis.
We have been working on an exploit analysis system, a free tool developed under the Honeynet Project. In my talk, I will pass on to the users the various techniques I have learned from my past several months of adventures with exploit analysis, which involve, but are not limited to, exploit obfuscation, exploit reliability, automated analysis bypass, attribution, multi-targeting and everything that makes targeted attacks scary.
On October 17th, 2013
At Hack in the Box (HITB) Security Conference 2013
165, Jalan Ampang, 50450 Kuala Lumpur, Malaysia
In front of 500 people