Tag Archives: malware

Know your Enemy: Malware Authorship Attribution

Presented by Natalia Stakhanova at the Atlantic Security Conference 2018. Since the first computer virus hit the DARPA network in the early 1970s, the security community's interest has revolved around ways to expose the identities of malware writers. Knowledge of the adversary’s identity promised additional leverage to security experts in their ongoing battle against perpetrators. At the …

CAn’t Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory

A rowhammer attack exploits a vulnerability created by the physical characteristics of modern computer memory. Dynamic Random-Access Memory (DRAM) is a high-speed memory circuit that stores information by creating an electrical charge in a tiny capacitor, which is something like a battery. A charged capacitor represents a value (i.e. “1”) as opposed to an uncharged capacitor (“0”). …

Pierre-Luc Vaudry – Feeding the Machine: Data Collection and Other Challenges of Machine Learning for Spam Detection

Presented at the SERENE-RISC Workshop, 2017 October. Spam detection software can use both handcrafted rules and machine learning techniques. At ZEROSPAM we are aiming at reducing the need to create or edit rules manually to adapt to constantly evolving email-borne threats. At the same time, the performance of our machine learning tools could be improved …

Dmitry Samosseiko – Ransomware: the great equalizer

Presented at the SERENE-RISC Workshop – 2016 Spring. Cyber-attacks targeting individuals and businesses worldwide continue to grow and wreak havoc. But one particular threat type clearly stands out from everything else we see today or have faced before. File-encrypting ransomware has taken its victims by storm recently. It’s dominating the current threat landscape …

Benjamin Fung – Kam1n0 Assembly Clone Search for Reverse Engineering

Presented at the Spring 2016 SERENE-RISC Workshop. Assembly code analysis is one of the critical processes for mitigating the exponentially increasing threats from malicious software. It is also a common practice for detecting and justifying software plagiarism and software patent infringements when the source code is unavailable. However, it is a manually intensive and time-consuming …