
PandaLabs Evolving Protection

PandaLabs Evolving Protection. César Saiz, Critical Malware department director. Index: Malware trends, Real world attacks, PandaLabs evolution, Current focus, Disinfection, False positives, Behavioral analysis, URLs.


Presentation Transcript


  1. PandaLabs Evolving Protection. César Saiz, Critical Malware department director

  2. Index • Malware trends • Real world attacks • PandaLabs evolution • Current focus • Disinfection • False positives • Behavioral analysis • URLs

  3. Malware trends

  4. Malware trends

  5. Malware trends

  6. Malware trends: Malware goals
     • Yesterday: Notoriety; Huge spreading
     • Today: Benefit oriented; Targeted
     • Tomorrow: More benefit oriented; More targeted

  7. Malware trends

  8. Malware trends

  9. Malware trends Detection challenges • Increasing cost • Polymorphic engines • File-infectors reemerge • Packers and more packers

  10. Malware trends Detection challenges • False positives • Wolf in sheep’s clothing • Generic vs. specific • Long tail malware • Huge variability • Targeted • Short-living

  11. Real world attacks

  12. Real world attack Stuxnet • Exploits 0-day vulnerabilities • Hides using rootkit techniques • Focused on SCADA systems: • Industrial espionage • Hidden industrial processes manipulation • Cyberwar?

  13. Real world attack

  14. Real world attack

  15. Real world attack Zeus “mobile edition” • Banker trojan (complete suite) • Supports mobile infection for SMS hidden management [Diagram labels: Order, Security Code, SMS forwarding module, ZEUS network]

  16. Real world attack [Diagram labels: Transfer order, Security Code, Security Code, Transfer done]

  17. PandaLabs evolution

  18. PandaLabs evolution • Focus on: • Customers • Comparatives • Critical Malware response team • Automatic Malware processing systems • Deploy Cloud • Plug-ins, backward compatible framework, non PE signatures, new generic signatures, heuristic periodic updates…

  19. Current focus

  20. Current focus • Disinfection • Automation of malware • Optimized delivery through the cloud • Behavioral analysis • Improved sensors • Improved detection logic

  21. Current focus • False positives: • Increase Goodware knowledge • Enforce quality control • URLs • Increase browsing knowledge • Optimize delivery through the cloud

  22. Current focus: Our goal

  23. Thank you!
