Description
With the abundance of programs developed everyday, it is possible to develop next-generation antivirus programs that leverage this vast accumulated knowledge. In practice, these technologies are developed with a mixture of established techniques like pattern matching, and machine learning algorithms, both tailored to achieve high detection rate and low false alarms. While companies state the application of both techniques, no rigorous investigation on the interconnection between detection strategies have been properly discussed and evaluated, thus keeping further advancements in the field locked up in secrecy. In this talk, we will venture forth into both pattern-matching and data-based decision-making processes to study how they can be integrated, and how their performances can be tuned to improve their efficacy. Also, we will peek into the world of adversaries that want to sneak through these next-generation antivirus programs, highlighting new challenges as well.
Next sessions
-
The Design and Implementation of a Virtual Firmware Monitor
Speaker : Charly Castes - EPFL
Low level software is often granted high privilege, yet this need not be the case. Although vendor firmware plays a critical role in the operation and management of the machine, most of its functionality does not require unfettered access to security critical software and data. In this paper we demonstrate that vendor firmware can be safely and efficiently deprivileged, decoupling its[…]-
SoSysec
-
Compartmentalization
-
Operating system and virtualization
-