Malware Behavior Catalog

Presented at BSidesDC 2019, Oct. 26, 2019, 1:30 p.m. (50 minutes)

The Malware Behavior Catalog (MBC) is a publicly available framework defining behaviors and code characteristics to support malware analysis-oriented use cases, such as tagging, provenance and similarity analysis, and standardized reporting. As a malware-centric extension of the MITRE ATT&CK™ knowledge base, MBC draws upon ATT&CK’s success by applying its philosophy and methodology to malware. Namely, MBC maintains a malware, code-oriented perspective and focuses on real-world use of behaviors through empirical malware examples (note there is no formal relationship between ATT&CK and MBC). The presentation discusses real-world applications of MBC and will show how behavior indicators identified through static and dynamic analysis can be mapped to MBC, illustrating the depth and precision MBC provides.

Presenters:

  • Haley Bui-Nguyen - Senior Cyber Security Engineer at MITRE
    Haley Bui-Nguyen joined the MITRE Corporation in 2016. As a malware analyst and researcher, she is passionate about improving the quality and speed of malware analysis; her current research is on evaluating techniques for identifying similar malware samples. Haley got her B.S. in Electrical Engineering and Computer Science from University of California, Berkeley, and her M.S. in Information Security from Carnegie Mellon University.
  • Desiree Beck - Principal Cybersecurity Engineer at MITRE
    Dr. Desiree Beck joined the MITRE Corporation in 2001 and is a principal cybersecurity engineer in the Cyber Operations and Effects Technical Center. Her work focuses on the research and development of malware analysis tools and techniques.
