|22 Aug||Monday||0900-17:00 SGT/GMT +8||8 Hours|
|23 Aug||Tuesday||0900-17:00 SGT/GMT +8||8 Hours|
|24 Aug||Wednesday||0900-17:00 SGT/GMT +8||8 Hours|
Malware analysis and memory forensics are powerful analysis and investigative techniques used in reverse engineering, digital forensics and incident response. Adversaries are becoming more sophisticated and carrying out advanced malware attacks on critical infrastructures, Data Centers, private and public organizations. This makes detecting, responding and investigating such intrusions increasingly critical for information security professionals. Malware analysis and memory forensics have become a must-have skill for fighting advanced malwares, targeted attacks and security breaches.
This course will introduce attendees to basics of malware analysis,reverse engineering, Windows internals and memory forensics. It will then gradually progress deeper into more advanced concepts of memory forensics.
This course uses hands-on labs using real world malware samples and infected memory images (Crimewares, APT malwares, Rootkits etc) to help attendees gain better understanding of the subject. The training also shows how these techniques can be incorporated in a sandbox to automate malware analysis. After taking this course attendees will be equipped with skill to analyze, investigate and respond to malware related incidents.
Introduction to Malware Analysis
Dynamic Analysis/Behavioural analysis
Automating Malware Analysis(sandbox)
Malware Persistence Methods
Introduction to Memory Forensics
Investigating Process handles & Registry
Investigating Network Activities
Investigation Process Memory
Investigating User-Mode Rootkits & Fileless Malwares
Memory Forensics in Sandbox technology
Investigating Kernel-Mode Rootkits
Memory Forensic Case Studies
Mr. Gal Diskin is a cybersecurity and AI researcher. He was previously the VP & head of Palo Alto Networks’ Israeli site, and is a serial entrepreneur. Mr. Diskin’s research has been featured in HITB, Defcon, Black Hat, CCC, and other conferences, spanning fields from low level security research such as hardware vulnerabilities, binary instrumentation, and car hacking to high level research on AI detection methods, Enterprise security, and Identity security. Mr. Diskin was also the technical lead and co-founder of Intel’s software security organization, as well as the CTO of Cyvera and HeXponent (co-founder) before their acquisition.
Huajiang “Kevin2600” Chen (Twitter: @kevin2600) is a senior security researcher. He mainly focuses on vulnerability research in wireless and Vehicle security. He is a winner of GeekPwn 2020 and also made to the Tesla hall of fame 2021. Kevin2600 has spoken at various conferences including KCON; DEFCON and CANSECWEST.