

HITBSecConf2008 - Malaysia (Day 1)

HITBSecConf2008 - Malaysia (Day 2)


Ero Carrera (Reverse Engineering Automation Researcher, zynamics GmbH)

Filed under: Main Page — Administrator @ 3:13 pm

Presentation Title: Analysis and Visualization of Common Packers
Presentation Details:

In a field like malware analysis, the first problem one encounters is overcoming the protection schemes devised by others, whether those are the creators of malware themselves or companies developing the protections as generic tools to deter reverse engineering and cracking.

Those protection schemes have developed over time to include a wide variety of anti-debugging and anti-disassembling techniques. Nowadays virtual machines and advanced obfuscation techniques are commonly found and make the process of reverse engineering the original application all the more complex. In the talk we will see some of the techniques used by protection schemes and how they compare to each other, peeking as well into the developing counter-measures against them.

About Ero:

Ero Carrera is currently a reverse engineering automation researcher at zynamics GmbH (formerly SABRE Security GmbH), home of BinDiff and BinNavi. He is a recurring trainer at the trainings held by the Black Hat conference. Ero previously spent several years as a Virus Researcher at F-Secure, where his main duties ranged from reverse engineering of malware to research in analysis automation methods. Prior to F-Secure, he was involved in miscellaneous research and development projects and always had a passion for mathematics, reverse engineering and computer security.

While at F-Secure, he advanced the field of malware classification, introducing a joint paper with Gergely Erdelyi on applying genomic methods to binary structural classification. Other projects he’s worked on include seminal research on generic unpacking. Additionally, Ero is a habitual lurker on OpenRCE and has contributed to miscellaneous reverse engineering tools such as pydot, ida2sql, Pythonika and the broadly used pefile.

Event Organizer

Hack In The Box (M) Sdn. Bhd.
