Practical Malware Combat

Přednáška Martina Vejmelky

KDY: 11.10.2016 at 16.15 - 17:45

KDE: FEL ČVUT, v místnosti T2:D3-209

Malware is a steadily increasing presence in our online lives. Reasons for writing malware have shifted from idle curiosity decades ago to the profitable business involving blackmail, identity and intellectual property theft that we see today. To stop malware, one must employ a variety of tactics and approaches, since there is no single method to reliably identify malware. We will discuss levels at which we can examine the behavior of programs and show examples of tools and methods that can be used to accomplish this task. We will begin at the instruction level, where behavior of interest may be found in interaction with the CPU/RAM, through the level of interaction with the operating system and finish at the Internet level, where the spreading of the program represents its behavior. The talk will also discuss technologies and systems used to gather, track and understand malware behavior in the Avast user base. Avast has over 400 million active users worldwide. This scale provides the Avast Threat Labs an excellent perspective for research and applications in program behavior analysis, machine learning and big data analytics.

Bio
 
Martin Vejmelka graduated from the Faculty of Electrical Engineering of the Czech Technical University, earning an MSc in Technical Cybernetics and went on to receive a PhD from the CTU in Biocybernetics and Artificial Intelligence for his research work at the Czech Academy of Sciences. His academic career was focused on problems related to understanding complex systems. He began with his PhD work focused on causality inference from biomedical time series. After this he spent three years as a postdoc in the field of neuroscience working on analysing neural communication using a variety of imaging methods and finally researched methods to quantify global weather patterns in climate science. He visited the Department of Mathematics at the University of Colorado the for two years and participated on a NASA project to develop a real-time capability to forecast the spread of wildfires. His main scientific contribution to the project was a real-time method for data assimilation of observed fuel moisture into fuel models used in coupled weather-fire simulations. After ten years in research, he moved to Avast where he now heads its Threat Labs which focus on solving the challenge of protecting users from malware.