Blog keyword search

VB2016 paper: Open Source Malware Lab

At VB2016, ThreatConnect Director of Research Innovation Robert Simmons presented a paper on setting up an open source malware lab. Today, we share the accompanying paper and video.
Security experts aren't necessarily known for being skilled at predicting the future, but if there's one prediction they are guaranteed to get right, it's that there will be a lot… https://www.virusbulletin.com/blog/2017/01/vb2016-paper-open-source-malware-lab/

VB2016 paper: Defeating sandbox evasion: how to increase successful emulation rate in your virtualized environment

Today, we publish the VB2016 paper and presentation (recording) by Check Point Software researchers Alexander Chailytko and Stanislav Skuratovich, which focuses on the techniques used by malware to detect virtual environments, and provides detailed techni…
In order to analyse a potentially malicious binary, an important first step is to run it in a specialised virtual environment, or sandbox environment, and see what it does – if it… https://www.virusbulletin.com/blog/2016/december/vb2016-paper-defeating-sandbox-evasion-how-increase-successful-emulation-rate-your-virtualized-environment/

VB2014 paper: Unveiling the kernel: rootkit discovery using selective automated kernel memory differencing

Ahmed Zaki and Benjamin Humphrey describe a system they built for the automated detection of rootkit behaviour.
Ahmed Zaki and Benjamin Humphrey describe a system they built for the automated detection of rootkit behaviour.Since the close of the VB2014 conference in Seattle in October, we… https://www.virusbulletin.com/blog/2015/01/paper-unveiling-kernel-rootkit-discovery-using-selective-automated-kernel-memory-differencing/