Upload File

real life infosec - tel aviv university

63
MICHAEL SHALYT – BIO-IN-A-GRAPH Technology Research

Upload: shalyt

Post on 06-Aug-2015

70 views

Category:

Software


0 download

Report

Tags:

TRANSCRIPT

Page 1: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

Page 2: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

Page 3: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

ASM (13yo)

Page 4: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

ASM (13yo)

IPHO 2005

Page 5: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

ASM (13yo)

IPHO 2005BSc. Physics + EE

Page 6: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

ASM (13yo)

Cyber Cyber

IPHO 2005BSc. Physics + EE

Page 7: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

ASM (13yo)

Cyber Cyber

Reverse Engineering

IPHO 2005BSc. Physics + EE

Page 8: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

ASM (13yo)

Cyber Cyber

Reverse Engineering

Research TL

IPHO 2005BSc. Physics + EE

Page 9: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

ASM (13yo)

Cyber Cyber

Reverse Engineering

Research TL

IPHO 2005BSc. Physics + EE

MSc. Quantum Information

Page 10: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

ASM (13yo)

Cyber Cyber

Reverse Engineering

Research TL

IPHO 2005BSc. Physics + EE

MSc. Quantum Information

Malware Research TL @CP

Page 11: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

ASM (13yo)

Matlab

Javascript

Actionscript

Mathematica

C

Scheme

Cyber Cyber

Reverse Engineering

Research TL

PythonIPHO 2005BSc. Physics + EE

MSc. Quantum Information

Malware Research TL @CP

Pascal

AutoIT

Page 12: Real Life InfoSec - Tel Aviv University

MICHAEL SHALYT – BIO-IN-A-GRAPH

Technology

Rese

arch

First program (8yo)

Lifeinagraph.blogspot.com

ASM (13yo)

Matlab

Javascript

Actionscript

Mathematica

C

Scheme

Cyber Cyber

Reverse Engineering

Research TL

PythonIPHO 2005BSc. Physics + EE

MSc. Quantum Information

Malware Research TL @CP

Pascal

AutoIT

Catapults

Humans

Page 13: Real Life InfoSec - Tel Aviv University

AGENDA

• Philosophy and definitions.

• Protection approaches: past, present and future.

Page 14: Real Life InfoSec - Tel Aviv University

AGENDA

• Philosophy and definitions.

• Protection approaches: past, present and future.

• Anti-Sandboxing.

Page 15: Real Life InfoSec - Tel Aviv University

AGENDA

• Philosophy and definitions.

• Protection approaches: past, present and future.

• Anti-Sandboxing.

• Packing and packers – theory and practice. (Ben)

Page 16: Real Life InfoSec - Tel Aviv University

CYBER PHILOSOPHY

Page 17: Real Life InfoSec - Tel Aviv University

THE FUTURE IS NOW

Page 18: Real Life InfoSec - Tel Aviv University

THE FUTURE IS NOW

• From sci-fi to banality.

Page 19: Real Life InfoSec - Tel Aviv University

THE FUTURE IS NOW

• From sci-fi to banality.

• IOT is here.

Page 20: Real Life InfoSec - Tel Aviv University

THE FUTURE IS NOW

• From sci-fi to banality.

• IOT is here.

• Technological complexity.

Page 21: Real Life InfoSec - Tel Aviv University

THE FUTURE IS NOW

• From sci-fi to banality.

• IOT is here.

• Technological complexity.

• Power.

Page 22: Real Life InfoSec - Tel Aviv University

WHAT’S A HACKER?

Page 23: Real Life InfoSec - Tel Aviv University

WHAT’S A HACKER?

• People committed to circumvention of computer security.

Page 24: Real Life InfoSec - Tel Aviv University

WHAT’S A HACKER?

• People committed to circumvention of computer security.

• RFC 1392: “A person who delights in having an intimate understanding of the internal workings of a system”. (1960s around MIT's Tech Model Railroad Club)

Page 25: Real Life InfoSec - Tel Aviv University

WHAT’S A HACKER?

• People committed to circumvention of computer security.

• RFC 1392: “A person who delights in having an intimate understanding of the internal workings of a system”. (1960s around MIT's Tech Model Railroad Club)

• Vs. “user” (like “script kiddies”)

Page 26: Real Life InfoSec - Tel Aviv University

WHAT’S A MALWARE?

Page 27: Real Life InfoSec - Tel Aviv University

WHAT’S A MALWARE?

• Software that tries to harm/take advantage of you.

Page 28: Real Life InfoSec - Tel Aviv University

WHAT’S A MALWARE?

• Software that tries to harm/take advantage of you.

• Very (very..) persistent toolbars?

Page 29: Real Life InfoSec - Tel Aviv University

WHAT’S A MALWARE?

• Software that tries to harm/take advantage of you.

• Very (very..) persistent toolbars?

• Vista?

Page 30: Real Life InfoSec - Tel Aviv University

WHAT’S A MALWARE?

• Software that tries to harm/take advantage of you.

• Very (very..) persistent toolbars?

• Vista?

• Farmville?...

Page 31: Real Life InfoSec - Tel Aviv University

WHAT DO WOMEN… EMMM… MALWARE WANT?

Page 32: Real Life InfoSec - Tel Aviv University

Malware detection – past, present and future

Michael Shalyt

SECURING THE NEIGHBORHOOD

Page 33: Real Life InfoSec - Tel Aviv University

� http://cyberparse.co.uk/

BUZZWORD EXPLOSION

Page 34: Real Life InfoSec - Tel Aviv University

PAST

Page 35: Real Life InfoSec - Tel Aviv University
Page 36: Real Life InfoSec - Tel Aviv University
Page 37: Real Life InfoSec - Tel Aviv University

MUGSHOT DATABASE

Page 38: Real Life InfoSec - Tel Aviv University

MUGSHOT DATABASE

Page 39: Real Life InfoSec - Tel Aviv University

BINARY SIGNATURES

Page 40: Real Life InfoSec - Tel Aviv University

BINARY SIGNATURES

Page 41: Real Life InfoSec - Tel Aviv University

BINARY SIGNATURES

Page 42: Real Life InfoSec - Tel Aviv University

POLIMORPHISM

Page 43: Real Life InfoSec - Tel Aviv University

POLIMORPHISM

Page 44: Real Life InfoSec - Tel Aviv University

PRESENT

Page 45: Real Life InfoSec - Tel Aviv University

INDICATORS OF COMPROMISE

Page 46: Real Life InfoSec - Tel Aviv University

IOC DETECTION DOWNSIDES

Page 47: Real Life InfoSec - Tel Aviv University

IOC DETECTION DOWNSIDES

• Which areas do we watch?

Page 48: Real Life InfoSec - Tel Aviv University

IOC DETECTION DOWNSIDES

• Which areas do we watch?

• Some suspicious mechanisms are used by innocent software as well.

Page 49: Real Life InfoSec - Tel Aviv University

IOC DETECTION DOWNSIDES

• Which areas do we watch?

• Some suspicious mechanisms are used by innocent software as well.

• Attackers can see and sometimes circumvent alarms.

Page 50: Real Life InfoSec - Tel Aviv University

INDICATORS OF INTEREST

Page 51: Real Life InfoSec - Tel Aviv University

INDICATORS OF INTEREST

Page 52: Real Life InfoSec - Tel Aviv University

INDICATORS OF INTEREST

Page 53: Real Life InfoSec - Tel Aviv University

INDICATORS OF INTEREST

Page 54: Real Life InfoSec - Tel Aviv University

EMULATION

Page 55: Real Life InfoSec - Tel Aviv University

FUTURE

Page 56: Real Life InfoSec - Tel Aviv University

ANOMALY DETECTION

Page 57: Real Life InfoSec - Tel Aviv University

HONEYNET

Page 58: Real Life InfoSec - Tel Aviv University

MALWARE RESEARCH

Page 59: Real Life InfoSec - Tel Aviv University

MALWARE RESEARCH

Page 60: Real Life InfoSec - Tel Aviv University

ANTI-SANDBOXING

Page 61: Real Life InfoSec - Tel Aviv University

OBFUSCATION

Page 62: Real Life InfoSec - Tel Aviv University

הייחוס איום

• Automated:

• Static scraping (strings, IPs, signatures etc.)

• Dynamic analysis

• Human:

• Black box

• White box (RE)

Page 63: Real Life InfoSec - Tel Aviv University

PACKERS


LOVE ART tel aviv

Tel Aviv 2013 - gaymap.info

Tel Aviv 2012

Vacuum Entanglement B. Reznik (Tel Aviv Univ.) Alonso Botero (Los Andes Univ. Columbia) Alex Retzker (Tel Aviv Univ.) Jonathan Silman (Tel Aviv Univ.)

Tel Aviv Global City Work Plan 2011 Tel Aviv-Yafo Municipality

Convergence Time to Nash Equilibria in Load Balancing Eyal Even-Dar, Tel-Aviv University Alex Kesselman, Tel-Aviv University Yishay Mansour, Tel-Aviv University

Surfing in Tel-Aviv

Tel Aviv Pg 7sins

Ispra tel aviv

Tel Aviv University Center for Nanoscience & Nanotechnology · Tel Aviv University Center for Nanoscience and Nanotechnology Scientific Report 2015–2016 Tel Aviv University Center

Tel Aviv Iafo

Gerusalemme-Tel Aviv

Elevate Tel Aviv

HEP Tel Aviv University

Npp tel aviv 130514c

ASSAF LIKHOVSKI June 2018 Tel Aviv University Faculty of ... · 1 CURRICULUM VITAE . ASSAF LIKHOVSKI . June 2018 . Tel Aviv University Faculty of Law . Ramat Aviv, Tel Aviv, 69978

Tel Aviv Demo Camp

Tel Aviv-Gerusalemme

Tel Aviv Turner

Visiting Tel-Aviv

Inspiratietour Tel-Aviv Riverwise

TEL AVIV UNIVERSITY - TAU

Tel Aviv Map · Lusky Suites Hotel Marina Tel Aviv Maxim Meloåy Mercure B&P TelAviv Metropolitan Migel Hotel Otyrnpa Prima Tel Aviv Regency Suites Renaissance Tel-Aviv Savoy Art

The Political Premises of Contemporary Urban Concepts: The ... · Tel aviv University, Tel aviv, israel; cFaculty of engineering, Tel aviv University, Tel aviv, israel ABSTRACT Numerous

Gitit's Tel Aviv

Tel Aviv, Israel

A colorful tel aviv

Daniel Goldstein, Tel Aviv

I S R A E L Tel Aviv Tel Aviv at night Tel Aviv

Networked -Workshop tel aviv

TEL AVIV UNIVERSITY

Exchange Berlin-Tel Aviv

VERAO EM TEL AVIV

ביבא–לת TEL AVIV · Track Lead: Michael Misrachi, Marketing Communications Manager, Tel Aviv Foundation & Omri Carmon, Local Strategic Partner, Resilience Plan, TEL AVIV

Colonia-Tel Aviv