PandaLabs Evolving Protection

César Saiz

Critical Malware department director


Index

  • Malware trends

  • Real world attacks

  • PandaLabs evolution

  • Current focus

    • Disinfection

    • False positives

    • Behavioral analysis

    • URLs


Malware trends

Malware goals

  • Yesterday

    • Notoriety

    • Huge spreading

  • Today

    • Benefit oriented

    • Targeted

  • Tomorrow

    • More benefit oriented

    • More targeted


Malware trends

Detection challenges

  • Increasing cost

    • Polymorphic engines

    • File-infectors reemerge

    • Packers and more packers


Malware trends

Detection challenges

  • False positives

    • Wolf in sheep’s clothing

    • Generic vs. specific

  • Long tail malware

    • Huge variability

    • Targeted

    • Short-living


Real world attacks


Real world attack

Stuxnet

  • Exploits 0-day vulnerabilities

  • Hides using rootkit techniques

  • Focused on SCADA systems:

    • Industrial espionage

    • Hidden industrial processes manipulation

    • Cyberwar?


Real world attack

Zeus “mobile edition”

  • Banker trojan (complete suite)

  • Supports mobile infection for SMS hidden management

[Diagram labels: Order, Security Code, SMS forwarding module, ZEUS network]


Real world attack

[Diagram labels: Transfer order, Security Code, Security Code, Transfer done]


PandaLabs evolution

  • Focus on:

    • Customers

    • Comparatives

  • Critical Malware response team

  • Automatic Malware processing systems

  • Deploy Cloud

  • Plug-ins, backward compatible framework, non PE signatures, new generic signatures, heuristic periodic updates…


    Current focus

    • Disinfection

      • Automation of malware

      • Optimized delivery through the cloud

    • Behavioral analysis

      • Improved sensors

      • Improved detection logic


    Current focus

    • False positives:

      • Increase Goodware knowledge

      • Enforce quality control

    • URLs

      • Increase browsing knowledge

      • Optimize delivery through the cloud


    Current focus

    Our goal


    Thank you!

