VB2018 preview: Workshops

Posted by   Martijn Grooten on   Sep 28, 2018

The Virus Bulletin Conference is first and foremost a place to learn: about new threats, about the tools used to detect and fight them, and to learn about (and get to know) the people that matter in the fast-changing world of threat intelligence and research.

This year, you can also learn about some essential techniques that are important for any cybersecurity researcher: kernel-mode malware analysis, Android reverse engineering, and AI in cybersecurity.


Dynamic manual analysis of kernel-mode malware

Though analysis of the vast majority of malware samples found these days is fully automated, manual analysis remains essential for those important and often more interesting edge cases. Cisco Talos researcher Vanja Svajcer, a regular VB speaker, will teach the audience how to perform dynamic manual analysis of kernel-mode malware, in particular using WinDbg.

Vanja says attendees will benefit from the hands-on examples if they are able to bring a laptop set up with Windows debugging tools.


Android reverse engineering

Android malware has become a serious and varied threat in recent years, and thus a workshop by Fortinet researcher Axelle Apvrille (also a regular VB speaker) on Android malware analysis is an exciting addition to the programme. Her workshop is, as the title suggests, 'for the brave', and will consists of several guided labs to cover subjects such as dealing with obfuscated samples and writing Radare2 scripts.

For this workshop, it will be necessary to bring a laptop that has been prepared by following these instructions.


Artificial intelligence in cybersecurity

Finally, artificial intelligence is a hot topic in security and beyond, and it is a particular focus of the city of Montreal that hosts VB2018. It is thus fitting that Benoît Hamelin, from local company Element AI, will host a workshop on AI and how it support efforts towards solving certain classes of cybersecurity problems.

To benefit from Benoît's hands-on examples, participants are recommended to bring a laptop in order to use the cloud-based Colaboratory.

All three workshops last 90 minutes and take place in the Small Talks room. No special registration or additional payment is required, but you must, of course, be registered for VB2018 itself!

VB2018-withdate-325w.jpg

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VB2018 paper and video: Android app deobfuscation using static-dynamic cooperation

Static analysis and dynamic analysis each have their shortcomings as methods for analysing potentially malicious files. Today, we publish a VB2018 paper by Check Point researchers Yoni Moses and Yaniv Mordekhay, in which they describe a method that…

VB2019 call for papers closes this weekend

The call for papers for VB2019 closes on 17 March, and while we've already received many great submissions, we still want more!

Registration open for VB2019 ─ book your ticket now!

Registration for VB2019, the 29th Virus Bulletin International Conference, is now open, with an early bird rate available until 1 July.

The VB2019 call for papers is about ... papers

When we are calling for papers for the Virus Bulletin conference as we are doing now, we really mean a written paper. But don't worry if you've never written a paper - we can help!

VB2018 video: Adware is just malware with a legal department - how we reverse engineered OSX/Pirrit, received legal threats, and survived

Amit Serper first analysed the OSX/Pirrit adware in 2016, highlighting some of its malware-like techniques, and soon afterwards started receiving legal threats from the company behind it. At VB2018 Amit gave a presentation in which he discussed both…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.