Rahul Sasi (Security Researcher)
PRESENTATION TITLE: Static Analysis and Dynamic Instrumentation for Intelligent Exploit Analysis
PRESENTATION ABSTRACT:
With the rise in the number of targeted attacks against government and private companies, there is a definite requirement for automated exploit analysis and for filtering document file formats.
There are a large number of companies offering solutions and products that claim to detect these kinds of threats (APTs). Our talk will cover the current drawbacks of these systems and how to perform intelligent analysis on a huge number of exploits. The aim of the talk is to explain the intelligence that we have added to our automation system using dynamic instrumentation and hybrid analysis, so that users can learn and use these techniques to detect targeted attacks and automate exploit analysis.
We have been working on an exploit analysis system, a free tool developed under the Honeynet Project. In my talk I will pass on to users the various techniques I have learned from my past several months of adventures with exploit analysis, which involve, but are not limited to, exploit obfuscation, exploit reliability, automated analysis bypass, attribution, multi-targeting and everything that makes targeted attacks scary.
ABOUT RAHUL SASI
Rahul Sasi (fb1h2s) works as a Security Researcher for a global research firm. He has authored multiple security tools, advisories and articles. He has been invited to speak at various security conferences, including HITB [KL], BlackHat [US Arsenal], Cocon (2011, 2012), Nullcon (2011, 2012, 2013), HITB (AMS 2012), BlackHat (EU 2012), EKoparty (Argentina) and CanSecWest (Canada 2013). His work can be found at www.Garage4Hackers.com.