Combating Evasive Malware
A key challenge in today's malware analysis is the use of evasions, a set of techniques that malicious artifacts use to determine if they are running inside analysis environments and to evade their detection.
In this talk, we will review evasion techniques found in the wild in binary and web-based malware (i.e., malicious web pages). We will also present two systems that we have introduced to detect and bypass common evasion techniques used in these contexts.
The talk will leverage our experience doing malware analysis in a commercial setting at Lastline, as well as years of experience running two academic malware analysis systems: Anubis (http://anubis.iseclab.org) and Wepawet (http://wepawet.cs.ucsb.edu).