"Evasive Malware in the Wild: Evolving to Evade Detection"
Evasive malware behavior is up 2000% in the past year, bypassing traditional firewalls, gateways and sandboxes. Organizations struggle as cybercriminals design sophisticated and stealthy malware to loop, cloak itself and morph to evade detection. In this talk, I aim to shed light on the latest behaviors, payloads and prevalence of evasive malware.
Engin Kirda is a computer science professor at Northeastern University in Boston. He is also the chief architect at global breach protection provider Lastline - which he co-founded in 2011. He has co-authored more than 100 published research papers. Before Northeastern, he held faculty positions at Institut Eurecom in the French Riviera and the Technical University of Vienna where he co-founded the Secure Systems Lab that is now distributed across multiple institutions in Europe and the U.S. Engin's recent research has focused on malware analysis and detection, web application security and practical aspects of social networking security - including the de-anonymization of social network users. He has served on program committees of numerous well-known international conferences and workshops. Engin chaired the flag ship security conference NDSS in 2015.
Joe St Sauver
"What Must We Do? Industry Reactions to Pervasive Monitoring Programs"
Disclosure of the fact that users of many leading Internet Service Providers have been targeted by national security agencies for pervasive monitoring has caused considerable consternation, both among the users of those services, and among the service providers themselves.
This talk will describe and discuss the program of work undertaken to address those concerns by the anti-Pervasive Monitoring SIG at M3AAWG.
For those who may not be familiar with M3AAWG, it is the Messaging, Malware, and Mobile Anti Abuse Working Group, and it is the forum where leading Internet Service Providers gather to discuss pressing threats to the cyber security of their services. Normally "what happens at M3AAWG stays at M3AAWG," but given the substantial community interest in pervasive monitoring, permission has been received from M3AAWG's Executive Director and the co-chairs of the anti-Pervasive Monitoring SIG for these remarks.
Joe St Sauver, Ph.D. is a scientist with Farsight Security, Inc. (www.farsightsecurity.com). Prior to Farsight, St Sauver was with the University of Oregon (UO) for roughly 28 years, including working under contract with Internet2 as their Nationwide Security Programs Manager.
In addition to his work with Farsight, Joe remains active in a variety of other capacities, including serving as:
-- One of half a dozen Senior Technical Advisors for M3AAWG, whose membership includes companies servicing over a billion mailboxes worldwide,
-- A strategic advisor and professional member of the Online Trust Alliance (OTA),
-- A member of the board for the Coalition Against Unsolicited Commercial Email (CAUCE),
-- A community representative for the Broadband Internet Technical Advisory Group (BITAG),
-- A member of the Research and Education Information Sharing and Analysis Center, including serving on the REN-ISAC Technical Advisory Group.
Joe remains affiliated with UO via a Courtesy Associate Professor with the Network Startup Resource Center (NSRC). He routinely presents to national and international audiences on a variety of cyber security-related topics, see https://www.stsauver.com/joe/ for copies of many of his talks.