ISSA-NOVA June 2014 – Dynamic Malware Analysis


Featuring Brian Hussey on Dynamic Malware Analysis of a Kernel Level Rootkit Banking Trojan

This talk will be an introduction to dynamic malware analysis. How often do you identify a rogue binary that you suspect to be malicious, but you have no way to determine its functionality other than uploading to VirusTotal or examining (hopefully unpacked) strings? If this is a situation you’ve found yourself in, then this talk could be just for you. I will provide a detailed process for examining an advanced kernel level rootkit to determine its functionality, capabilities, and network activity. We will discuss methodologies for bypassing obfuscation, process hiding techniques, and for recovering stolen data. This talk will be useful for anyone in a technical role in the information security field.
Date: Thursday, June 19, 2014
Time: Doors Open at 5:30 PM; Meeting Starts at 6:15 PM
Brian Hussey is a Senior Digital Forensic Analyst and Group Lead with the Harris Corporation, working on a contract with Federal Law Enforcement. He conducts in-depth digital forensics and malware analysis in support of cases from field offices throughout the United States and international law enforcement partners. He has testified in federal court as an expert witness against cyber-criminals responsible for the theft of millions of US dollars and has assisted in the prosecution of child predators, malware authors, and other online fraudsters. Mr. Hussey is also a professor in George Mason University’s Master of Computer Forensics program.