Catch me if you can: Building a Web Malware Analyzer using Machine Learning

Presented at AppSec USA 2014, Sept. 19, 2014, 2 p.m. (45 minutes).

With close to 10,000 new, legitimate websites being added to the Google malware blacklist every day, its clear that infecting websites to spread malware has become the go-to choice for malicious hackers. In this talk I will focus on how the problem is evolving, how websites are getting infected and what gets injected into websites. I will also focus on how to use machine learning to quickly build a system that can scale far beyond what AV engines can catch.

This talk will show a live demo and will be a mix of powerpoint slides that educate, inform and enable the audience to understand web malware trends and set up mechanisms to catch non obvious pieces of web malware.

Presenters:

• Anirban Banerjee - Systems Engineer - CloudFlare Inc.
  Anirban was a co-founder and technical lead at StopTheHacker, acquired now by Cloudflare. Anirban holds a Ph.D. in Computer Science from the University of California at Riverside. For the last 6 years he has been active in various security circles and working groups that focus on eradication of web-malware and has presented lightning talks at various conferences.

Links:

• https://owaspappsecusa2014.sched.com/event/Nvx40I/catch-me-if-you-can-building-a-web-malware-analyzer-using-machine-learning
• https://www.youtube.com/watch?v=XsIpsOykVIk

Similar Presentations:

• ekoparty 14 (2018) / To Execute or Not to Execute. How to Build a Malware Execution Lab
• DerbyCon 3.0 All in the Family (2013) / The Malware Management Framework, a process you can use to find advanced malware. We found WinNTI with it!
• VB2017 / Still a lot to learn: bypassing machine-learning AV solutions