Catch me if you can: Building a Web Malware Analyzer using Machine Learning

Presented at AppSec USA 2014, Sept. 19, 2014, 2 p.m. (45 minutes)

With close to 10,000 new, legitimate websites being added to the Google malware blacklist every day, its clear that infecting websites to spread malware has become the go-to choice for malicious hackers. In this talk I will focus on how the problem is evolving, how websites are getting infected and what gets injected into websites. I will also focus on how to use machine learning to quickly build a system that can scale far beyond what AV engines can catch. This talk will show a live demo and will be a mix of powerpoint slides that educate, inform and enable the audience to understand web malware trends and set up mechanisms to catch non obvious pieces of web malware.

Presenters:

  • Anirban Banerjee - Systems Engineer - CloudFlare Inc.
    Anirban was a co-founder and technical lead at StopTheHacker, acquired now by Cloudflare. Anirban holds a Ph.D. in Computer Science from the University of California at Riverside. For the last 6 years he has been active in various security circles and working groups that focus on eradication of web-malware and has presented lightning talks at various conferences.

Links:

Similar Presentations: