Winter 2009 ESCC/Internet2 Joint Techs

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Web Malware Tech: Obfuscation and Other Evasion Technologies

Time 02/04/09 08:50AM-09:10AM

We do not host flash-based video files on our servers anymore. Please contact Web Support for further details about netcast videos.

Session Abstract

The increasing criminal sophistication of Web malware is designed to rob organizations of critical data and resources while evading detection and analysis. Cyber criminals conceal their attacks through a blend of threats such as phishing spam containing URLs that load Web pages laced with obfuscated code. Nearly all serious Web malware infections use obfuscation to infiltrate the unprotected port 80. In this session, attendees will learn about Web-malware infection techniques that are aiding cyber criminals and presenting challenges to IT security professionals. Topics include polymorphic JavaScript, malicious Web sites that only attack targeted IP addresses, and malware integrity checking and authentication.

Speakers

Speaker Stuart Staniford FireEye

Presentation Media

media item thumbnail Status of the Web Threat (pdf)

Speaker Mitsuru Kanda University of Southern California/ISI

Speaker Stuart Staniford FireEye

Session Media

media item thumbnail Web Malware Tech: Obfuscation and Other Evasion Technologies Netcast Archive The increasing criminal sophistication of Web malware is designed to rob organizations of critical data and resources while evading detection and analysis. Cyber criminals conceal their attacks through a blend of threats such as phishing spam containing URLs that load Web pages laced with obfuscated code. Nearly all serious Web malware infections use obfuscation to infiltrate the unprotected port 80. In this session, attendees will learn about Web-malware infection techniques that are aiding cyber criminals and presenting challenges to IT security professionals. Topics include polymorphic JavaScript, malicious Web sites that only attack targeted IP addresses, and malware integrity checking and authentication. media item thumbnail Web Malware Tech: Obfuscation and Other Evasion Technologies Netcast Archive The increasing criminal sophistication of Web malware is designed to rob organizations of critical data and resources while evading detection and analysis. Cyber criminals conceal their attacks through a blend of threats such as phishing spam containing URLs that load Web pages laced with obfuscated code. Nearly all serious Web malware infections use obfuscation to infiltrate the unprotected port 80. In this session, attendees will learn about Web-malware infection techniques that are aiding cyber criminals and presenting challenges to IT security professionals. Topics include polymorphic JavaScript, malicious Web sites that only attack targeted IP addresses, and malware integrity checking and authentication.