A Survey On Automated Dynamic Malware Analysis Evasion And Counter-Evasion: PC, Mobile, And Web

Presented at DeepSec 2017 „Science First!“, Unknown date/time (Unknown duration)

Automated dynamic malware analysis systems are important in combating the proliferation of modern malware. Unfortunately, malware can often easily detect and evade these systems. Competition between malware authors and analysis system developers has pushed each to continually evolve their tactics for countering the other. In this paper we systematically review i) "fingerprint" -based evasion techniques against automated dynamic malware analysis systems for PC, mobile, and web, ii} evasion detection, iii} evasion mitigation, and iv} evasion "in the wild." We also discuss difficulties in experimentation evaluation, highlight future directions in offensive and defensive research, and briefly survey related topics in anti-analysis.

Presenters:

• Bülent Yener - River Loop Security, LLC, Rensselaer Polytechnic Institute   as Bulent Yener
  T.B.A.
• Alexei Bulazel - River Loop Security, LLC, Rensselaer Polytechnic Institute
  T.B.A.

Links:

• https://deepsec.net/archive/2017.deepsec.net/speaker.html#PSLOT334

Similar Presentations:

• Black Hat USA 2014 / Prevalent Characteristics in Modern Malware
• Black Hat USA 2012 / A Scientific (But Non Academic) Study of How Malware Employs Anti-Debugging, Anti-Disassembly and Anti-Virtualization Technologies
• Black Hat USA 2012 / Flowers for Automated Malware Analysis