Pandalabs evolving protection

PandaLabs Evolving Protection - PowerPoint PPT Presentation



PandaLabs Evolving Protection. César Saiz, Critical Malware department director. Index: Malware trends; Real world attacks; PandaLabs evolution; Current focus (Disinfection, False positives, Behavioral analysis, URLs).


PowerPoint Slideshow about 'PandaLabs Evolving Protection' - sulwyn


Presentation Transcript
PandaLabs Evolving Protection

César Saiz

Critical Malware department director


Index

  • Malware trends

  • Real world attacks

  • PandaLabs evolution

  • Current focus

    • Disinfection

    • False positives

    • Behavioral analysis

    • URLs





Malware trends

Malware goals

  • Yesterday

    • Notoriety

    • Huge spreading

  • Today

    • Benefit oriented

    • Targeted

  • Tomorrow

    • More benefit oriented

    • More targeted




Malware trends

Detection challenges

  • Increasing cost

    • Polymorphic engines

    • File-infectors reemerge

    • Packers and more packers


Malware trends

Detection challenges

  • False positives

    • Wolf in sheep’s clothing

    • Generic vs. specific

  • Long tail malware

    • Huge variability

    • Targeted

    • Short-living



Real world attack

Stuxnet

  • Exploits 0-day vulnerabilities

  • Hides using rootkit techniques

  • Focused on SCADA systems:

    • Industrial espionage

    • Hidden industrial processes manipulation

    • Cyberwar?




Real world attack

Zeus “mobile edition”

  • Banker trojan (complete suite)

  • Supports mobile infection for SMS hidden management

[Diagram labels: Order, Security Code, SMS forwarding module, ZEUS, network]

Real world attack

[Diagram labels: Transfer order, Security Code, Transfer done]



PandaLabs evolution

  • Focus on:

    • Customers

    • Comparatives

  • Critical Malware response team

  • Automatic Malware processing systems

  • Deploy Cloud

  • Plug-ins, backward compatible framework, non PE signatures, new generic signatures, heuristic periodic updates…


Current focus

  • Disinfection

    • Automation of malware

    • Optimized delivery through the cloud

  • Behavioral analysis

    • Improved sensors

    • Improved detection logic


Current focus

  • False positives:

    • Increase Goodware knowledge

    • Enforce quality control

  • URLs

    • Increase browsing knowledge

    • Optimize delivery through the cloud


Current focus

Our goal