Summary:

In this workshop, participants will be taught the basics of analyzing malware in a way that is practical for modern cyber security practices. The aim of this training is to utilize publicly available and open source tools, combined with a basic forensic skillset, to extract information from malware safely in order to provide intelligence a company can use to mitigate similar threats in the future.

Topics:

  • Network Security
  • Computer Forensics
  • Reverse Engineering
  • Anti-cyberterrorism
  • Computer Security
  • Malware Analysis

Format and Duration:

This workshop is intended to be a classroom format where participants bring their own laptops. Organizers will provide tools and sample malware. The workshop will begin with a lecture followed by a lab portion that will be guided by the instructors.

Significance in relation to the topics of the conference:

Practical malware analysis covers many aspects of the conference's topics:

Anti-cyberterrorism:

Malware is used by state and criminal actors and is more prevalent than ever, and the skillset to analyze and extract information from this malware is increasingly in demand in this industry. The protection of your company, your state, and your assets is determined in large part by your ability to analyze the threats that are presented to you.

Computer Forensics:

Much of the lab content of this lecture and workshop will be based in computer forensics, from acquisition of the malware to deploying a safe analysis environment. Malware utilizes packers and crypters; being able to identify these obfuscation techniques is key to any form of software and forensic analysis.

Computer Security and Network Security:

This workshop’s overall goal is ultimately to secure a personal or enterprise network. The information extracted from a piece of malicious software gives an analyst the means necessary to create a specific signature-based rule or block a malicious domain, thereby increasing the security of the computers and networks in question.

NOTE: The tutorial will be three hours, as follows:

  • 1 Hour Lecture
  • 1.5 Hour Tutorial (Hands-on practical)
  • 0.5 Hour questions and free play
  • We will provide tools, sample malware, and handouts. We just ask that participants bring their own laptops or computers (Windows, Mac or Linux) with virtualization software, either VirtualBox or VMware.