Comparison of File Infection on Windows & Linux

Presented at DEF CON 16 (2008), Aug. 10, 2008, 4 p.m. (50 minutes)

This talk documents the common file infection strategies that virus writers have used over the years, conduct the comparison of Portable Executable (PE) file infection on the Windows platform and Executable and Linking Format (ELF) file infection on the Linux Platform.

Presenters:

• lychan25
  lychan25 has been working in cyber security industry for the recent 2 years. lychan25 was previously Security Consultant and also member of Independent Virus Group F-13 Labs. Now further the study in University Kebangsaan Malaysia as Ph.D (Doctor of Philosophy) student, majoring The Art of Packing/Unpacking.
• lclee_vx - Founder F-13 Labs
  lclee_vx founded the Independent Virus Group F-13 Labs. Also is active virus coder in EOF-Project. lclee_vx has worked in one of the security company in Malaysia, served for 4 years as the security consultant. Now further the study in University Kebangsaan Malaysia as Ph.D (Doctor of Philosophy) student, majoring Antivirus Core Engine Design and work as Security Engineer in Computer Sciences Corporation (CSC).

Links:

• https://defcon.org/html/defcon-16/dc-16-speakers.html#lclee_vx

Similar Presentations:

• VB2015 / Doing more with less: a study of file-less infection attacks
• HushCon 2014 / VMA Vudu - ELF Runtime Infection Forensics in Linux
• DEF CON 20 (2012) / APK File Infection on an Android System