The purpose of this talk is to provide an overview of the protections malware authors build into their code to hinder reverse engineering, and to provide methods and resources for overcoming those obstacles. Malware authors often don't want defenders to understand their creations, because a defender who understands a sample can build defenses and indicators of compromise from it. Anti-disassembly, anti-debugging, anti-virtualization, and packing will be discussed, along with methods to overcome common implementations of each. Creating indicators of compromise and defenses once the malware's shields are down will also be covered. It is my hope that participants will gain the basic skills and confidence to immediately start safely investigating armored malware in order to thoroughly understand and defend against infections.
Bio: Tyler is a threat researcher for Fidelis Cybersecurity, where he gets to work with an amazing team. Tyler's main research interests are reverse engineering and malware analysis. He is currently working on his doctorate in computer science. He is a SANS Lethal Forensicator and holds several industry certifications, including the CISSP and GREM. He likes to stay involved in the security community through several organizations and has spoken at various conferences and meetings. He also posts on his personal blog at www.tylerhalfpop.com and on Twitter as @tylerhalfpop.
If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek