HITBSecConf2011 – Malaysia » HITB SIGINT: Muhammad Najmi Ahmad Zabidi (PhD Student)

Presentation Title: Compiling Features for Malicious Binaries
Presentation Abstract

Malware infects a host by exploiting known and unknown vulnerabilities. Among the current detection methods, one is the use of malware signatures, which is considered fast and works with acceptable computing overhead. Signature generation begins with analysis done by malware analysts. Since most antivirus products are commercial, the methods used for large-scale malware signature detection are little known to the public.

One method of detecting malware is dynamic analysis, where the behaviour of the malware is monitored. The other is static analysis, which involves disassembling the binary. Here I will share how we can use Python, a powerful interpreted language, to do malicious call analysis.
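The static side of that malicious call analysis, as an added Python example that is not the speaker's code or tooling: it parses a PE file's import directory with the standard library only, lists which API functions the binary imports from each DLL (the "malicious calls" a static analyst looks for), and compiles them into a fixed-width feature vector of the kind a machine learning classifier consumes. The watch-list of API names in WATCHED_APIS is an assumption chosen for illustration, and the PE image is constructed inline by build_sample_pe so the script runs offline; nothing here is taken from the talk.

```python
"""Extract imported API calls from a PE file and compile them into a feature
vector for a malware classifier (added example, not the speaker's code)."""
import struct
from typing import Dict, List, Tuple

# Hypothetical watch-list of imported APIs used as binary features (assumption).
WATCHED_APIS = ["CreateRemoteThread", "WriteProcessMemory", "VirtualAllocEx",
                "URLDownloadToFileA", "RegSetValueExA", "GetProcAddress"]


def _rva_to_offset(rva: int, sections: List[Tuple[int, int, int]]) -> int:
    """Translate a relative virtual address to a file offset via the section table."""
    for va, raw_size, raw_ptr in sections:
        if va <= rva < va + raw_size:
            return rva - va + raw_ptr
    raise ValueError(f"RVA {rva:#x} falls outside every section")


def _cstr(data: bytes, off: int) -> str:
    """Read a NUL-terminated ASCII string at a file offset."""
    return data[off:data.index(b"\0", off)].decode("ascii", "replace")


def extract_imports(pe: bytes) -> Dict[str, List[str]]:
    """Walk the import directory and return {dll: [function or 'ordinal#N', ...]}."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, n_sections, _, _, _, opt_size = struct.unpack_from("<HHIIIH", pe, coff)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", pe, opt)[0] == 0x20B
    thunk_fmt, thunk_size = ("<Q", 8) if pe32plus else ("<I", 4)
    ordinal_flag = 1 << 63 if pe32plus else 1 << 31
    # Data directory #1 (imports) follows the 96-byte (PE32) / 112-byte (PE32+) fixed header.
    import_rva = struct.unpack_from("<I", pe, opt + (112 if pe32plus else 96) + 8)[0]
    sec_tbl = opt + opt_size
    sections = [struct.unpack_from("<III", pe, sec_tbl + i * 40 + 12)  # VA, raw size, raw ptr
                for i in range(n_sections)]
    imports: Dict[str, List[str]] = {}
    if import_rva == 0:
        return imports
    desc = _rva_to_offset(import_rva, sections)
    while True:  # 20-byte IMAGE_IMPORT_DESCRIPTOR entries, ended by an all-zero one
        ilt_rva, _, _, name_rva, iat_rva = struct.unpack_from("<5I", pe, desc)
        if name_rva == 0:
            break
        names = []
        thunk = _rva_to_offset(ilt_rva or iat_rva, sections)  # fall back to IAT if no ILT
        while (entry := struct.unpack_from(thunk_fmt, pe, thunk)[0]) != 0:
            if entry & ordinal_flag:
                names.append(f"ordinal#{entry & 0xFFFF}")
            else:  # IMAGE_IMPORT_BY_NAME: 2-byte hint, then the function name
                names.append(_cstr(pe, _rva_to_offset(entry, sections) + 2))
            thunk += thunk_size
        imports[_cstr(pe, _rva_to_offset(name_rva, sections)).lower()] = names
        desc += 20
    return imports


def compile_features(pe: bytes) -> Dict[str, int]:
    """Turn the import table into a fixed-width feature vector for a classifier."""
    imports = extract_imports(pe)
    funcs = {f for names in imports.values() for f in names}
    feats = {f"imports_{api}": int(api in funcs) for api in WATCHED_APIS}
    feats["n_dlls"], feats["n_imports"] = len(imports), len(funcs)
    return feats


def build_sample_pe(dll_imports: Dict[str, List[str]]) -> bytes:
    """Construct a minimal PE32 whose single section holds only an import table."""
    SEC_OFF, SEC_VA = 0x200, 0x1000
    descs, thunks, strings = bytearray(), bytearray(), bytearray()
    desc_size = 20 * (len(dll_imports) + 1)
    str_base = desc_size + sum(8 * (len(f) + 1) for f in dll_imports.values())  # ILT + IAT
    for dll, funcs in dll_imports.items():
        ilt = bytearray()
        for f in funcs:
            ilt += struct.pack("<I", SEC_VA + str_base + len(strings))
            strings += struct.pack("<H", 0) + f.encode() + b"\0" * (2 - len(f) % 2)
        ilt += bytes(4)
        ilt_rva = SEC_VA + desc_size + len(thunks)
        thunks += ilt + ilt                      # identical ILT and IAT
        dll_rva = SEC_VA + str_base + len(strings)
        strings += dll.encode() + b"\0"
        descs += struct.pack("<5I", ilt_rva, 0, 0, dll_rva, ilt_rva + len(ilt))
    section = bytes(descs + bytes(20) + thunks + strings)
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x0102)  # i386, one section
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 104, SEC_VA, desc_size)             # import directory
    sec_hdr = struct.pack("<8s6I2HI", b".idata", len(section), SEC_VA, len(section),
                          SEC_OFF, 0, 0, 0, 0, 0x40000040)
    return (dos + b"PE\0\0" + coff + opt + sec_hdr).ljust(SEC_OFF, b"\0") + section


# Constructed sample import table standing in for a real binary.
SAMPLE_PE = build_sample_pe({
    "kernel32.dll": ["VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread", "GetProcAddress"],
    "user32.dll": ["MessageBoxA"],
})

if __name__ == "__main__":
    for name, value in compile_features(SAMPLE_PE).items():
        print(f"{name}={value}")
```

The feature vector is deliberately fixed-width (one column per watched API plus two counts) so that many binaries can be stacked into a matrix for a classifier; a real pipeline would derive the API list from a corpus rather than hand-pick it, and would treat a missing import table or an unmapped RVA as a feature in its own right, since packed samples often present exactly that.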

About Muhammad Najmi Ahmad Zabidi

Muhammad Najmi Ahmad Zabidi is currently a full-time PhD student working on malware detection at Universiti Teknologi Malaysia, Skudai. He currently carries out his research remotely from Kuala Lumpur. His focus is a machine learning/soft computing approach to malicious software detection.