With the astonishing rate of new and modified malware samples being released daily, automation of analysis is needed to classify and cluster together similar samples, exclude basic and uninteresting variations, and focus costly manual analysis work on novel and interesting features (e.g., added or removed pieces of code with a given semantic). We will discuss the challenges in analyzing large malware datasets in a (semi)automatic fashion, and look at some recent research results that may help with the task, by leveraging the concept of "behavior" applied to malicious code.
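To make the three steps in the abstract concrete (drop low-signal variation, cluster samples whose behaviour is similar, then surface only what is new in a sample relative to its nearest cluster), here is an added example written for this page; it is not code from the talk or from the speaker's research. The behaviour profiles, sample names and the list of "uninteresting" API prefixes are all constructed for illustration, and the similarity measure (Jaccard over sets of observed actions) and single-linkage grouping are one simple choice among many, not the method the talk describes.

```python
from itertools import combinations

# Constructed sandbox-style behaviour profiles: each sample maps to the set of
# actions observed at run time. Names and features are hypothetical.
PROFILES = {
    "sample_a": {
        "CreateFileW:C:\\temp\\dropper.exe", "RegSetValue:Run",
        "connect:tcp/443", "CreateProcess:cmd.exe",
    },
    "sample_a_variant": {
        "CreateFileW:C:\\temp\\dropper.exe", "RegSetValue:Run",
        "connect:tcp/443", "CreateProcess:cmd.exe", "Sleep:60000",
    },
    "sample_b": {
        "CreateFileW:C:\\temp\\dropper.exe", "RegSetValue:Run",
        "connect:tcp/443", "CreateProcess:cmd.exe",
        "CryptEncrypt", "DeleteFileW:*.docx",
    },
    "sample_c": {"connect:tcp/25", "WriteFile:mail.log"},
}

# Assumed list of actions that vary between builds without changing what the
# code does (timing loops, clock reads); treated as "uninteresting variation".
LOW_SIGNAL_PREFIXES = ("Sleep:", "GetTickCount")


def normalize(profile):
    """Drop low-signal actions so trivial variants collapse onto one profile."""
    return frozenset(f for f in profile if not f.startswith(LOW_SIGNAL_PREFIXES))


def jaccard(a, b):
    """Set similarity in [0, 1]: shared actions over all actions seen in either."""
    if not a and not b:
        return 1.0
    return len(a & b) / len(a | b)


def cluster(profiles, threshold=0.7):
    """Single-linkage grouping: any pair at or above the threshold is joined.

    Returns a sorted list of sorted member lists so the result is stable.
    """
    parent = {name: name for name in profiles}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    for x, y in combinations(profiles, 2):
        if jaccard(profiles[x], profiles[y]) >= threshold:
            parent[find(x)] = find(y)

    groups = {}
    for name in profiles:
        groups.setdefault(find(name), []).append(name)
    return sorted(sorted(g) for g in groups.values())


def novel_features(profiles, sample, groups):
    """Actions of `sample` absent from every member of its most similar other cluster.

    These are the candidates worth a human analyst's time; the shared actions
    are already understood through the neighbouring cluster.
    """
    own = profiles[sample]
    best, best_sim = None, -1.0
    for group in groups:
        if sample in group:
            continue
        sim = max(jaccard(own, profiles[m]) for m in group)
        if sim > best_sim:
            best, best_sim = group, sim
    if best is None:  # nothing to compare against: everything is new
        return set(own)
    seen = frozenset().union(*(profiles[m] for m in best))
    return set(own - seen)


NORMALIZED = {name: normalize(p) for name, p in PROFILES.items()}

if __name__ == "__main__":
    groups = cluster(NORMALIZED)
    print("clusters:", groups)
    for name in NORMALIZED:
        print(name, "->", sorted(novel_features(NORMALIZED, name, groups)))
```

After normalisation the timing-only variant becomes identical to its parent and lands in the same cluster, while the sample that adds encryption and document deletion is kept separate and reported with exactly those two actions as its novel behaviour. In practice the threshold and the low-signal list are tuned against a labelled corpus; too low a threshold merges families, too aggressive a filter hides the very change you want to see.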
Stefano Zanero received his PhD in Computer Engineering from Politecnico di Milano, where he is currently an associate professor with the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on mobile malware, malware analysis, and systems security. In addition to teaching "Computer Security" and "Computer Forensics" at Politecnico, Zanero has extensive speaking and training experience in Italy and abroad. He has co-authored over 60 scientific papers and books, is a Senior Member of the IEEE and the IEEE Computer Society (for which he is a member of the Board of Governors), and a lifetime senior member of the ACM. Zanero co-founded the Italian chapter of ISSA (Information System Security Association), has been named a Fellow of ISSA, and sits on its International Board of Directors. A long-time op-ed writer for magazines, including Computer World, Stefano is also a co-founder and chairman of Secure Network, a leading information security consulting firm based in Milan and London. He is the co-founder of 18Months, a cloud-based ticketing solutions provider. Most recently he co-founded a stealth-mode startup in the FinTech sector.