Internet Scale File Analysis

Channel:
United States All Hacking Cons
Subscribers:
6,410
Published on ● Video Link: https://www.youtube.com/watch?v=A2DPde6cVrY


Duration: 46:29
2 views
0

Malicious file analysis is well beyond the days when the humble PE32 file was all researchers needed to contend with. The use of malicious PDF, Office, and other files present a far more diverse threat than our defensive tools were originally designed to handle. To make matters worse, the sheer volume of files over time to analyze presents a meaningful logistical problem which becomes increasingly complex as analytical methods move from static to dynamic analysis. When the point in time problem is considered (the fact that historical discoveries can be viewed differently in the light of new analytical techniques or information), the problem seems all but intractable.

To this end, we have developed TOTEM, a system which is capable of coordinating, orchestrating, and scaling malware analytics across multiple cloud providers and thousands of running instances. It is easy to add new capabilities to and can intelligently segregate work based on features, such as filetype, analytic duration, and computational complexity. TOTEM supports dynamic analysis through DRAKVUF, a novel open-source dynamic malware analysis system which was designed specifically to achieve unparalleled scalability, while maintaining a high level of stealth and visibility into the executing sample. Building on the latest hardware virtualization extensions found in Intel processors and the Xen hypervisor, DRAKVUF remains completely hidden from the executing sample and requires no special software to be installed within the sandbox. Further addressing the problem of monitoring kernel-mode rootkits as well as user-space applications, DRAKVUF significantly raises the bar for evasive malware to remain undetected.

This talk will discuss the design, implementation, and practical deployment of TOTEM and DRAKVUF to analyze tremendous numbers of binary files.
PRESENTED BY
Zachary Hanif, Tamas Lengyel, George Webster

Black Hat - USA - 2015 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security



Other Videos By All Hacking Cons


2022-01-03Emanate Like A Boss Generalized Covert Data Exfiltration With Funtenna
2022-01-03Attacking Hypervisors Using Firmware And Hardware
2022-01-03Cloning 3G4G SIM Cards With A PC And An Oscilloscope Lessons Learned
2022-01-03Internet Facing PLCs A New Back Orifice
2022-01-03Exploiting Out of Order Execution For Covert Cross VM Communication
2022-01-03Commercial Mobile Spyware Detecting The Undetectable
2022-01-03Internet Plumbing Gor Security Professionals The State Of BGP Security
2022-01-03Automated Human Vulnerability Scanning With AVA
2022-01-03Exploiting The DRAM Rowhammer Bug To Gain Kernel Privileges
2022-01-03CrackLord Maximizing Password Cracking Boxes
2022-01-03Internet Scale File Analysis
2022-01-03BGP Stream
2022-01-03Back Doors And Front Doors Breaking The Unbreakable System
2022-01-03Exploiting XXE Vulnerabilities In File Parsing Functionality
2022-01-03Is The NSA Still Listening To Your Calls A Surveillance Debate
2022-01-03Faux Disk Encryption Realities Of Secure Storage On Mobile Devices
2022-01-03Battle Of The SKM And IUM How Windows 10 Rewrites OS Architecture
2022-01-03Big Game Hunting The Peculiarities Of Nation State Malware Research
2022-01-03FileCry The New Age Of XXE
2022-01-03Forging The USB Armory, An Open Source Secure Flash Drive Sized Computer
2022-01-03Behind The Mask The Agenda, Tricks, & Tactics Of The Federal Trade Commission


Tags:
data
hacker
security
computer
cyber
internet
technology
hacking
attack
virus
information
hack
password
concept
protection
fraud
malware
identity
criminal
phishing
software
access
system
firewall
communication
privacy
binary
account
spy
spyware
hacked
hacking conference
conference
learn
how to
2022
2021
cybersecurity
owned
break in
google
securing
exploit
exploitation
recon
social engineering
scale file analysis
file analysis
scale
Zachary Hanif
Tamas Lengyel
George Webster