This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Friday, July 1 • 11:35 - 12:20
Analyzing and Detecting Flash-based Malware

Sign up or log in to save this to your schedule and see who's attending!

Adobe Flash is a popular platform for providing dynamic and multimedia
content on web pages. Despite being declared dead for years, Flash still
is deployed on millions of devices. Unfortunately, the Adobe Flash
Player increasingly suffers from vulnerabilities, and attacks using
Flash-based malware regularly put users at risk of being remotely
attacked. We present Gordon, a method for the comprehensive analysis and
detection of Flash-based malware. By analyzing Flash animations at
different levels during the interpreter’s loading and execution process,
our method is able to spot attacks against the Flash Player as well as
malicious functionality embedded in ActionScript code. To achieve this
goal, Gordon combines a structural analysis of the container format with
guided execution of the contained code—a novel analysis strategy that
manipulates the control flow to maximize the coverage of indicative code
regions. In doing so, Gordon significantly outperforms related
approaches when applied to samples shortly after their first occurrence
in the wild, demonstrating its ability to provide timely protection for
end users.

avatar for Christian Wressengger

Christian Wressengger

TU Braunschweig
Christian Wressnegger is a full-time researcher at the Institute of System Security of the TU Braunschweig, Germany. Before joining academia to pursue a PhD, he has been working in Anti-Virus industry and in data analytics for computer security applications using machine learning. Christian's research interests revolve around the detection and prevention of malware and in particular, malware embedded in passive "containers" such as web pages... Read More →

Friday July 1, 2016 11:35 - 12:20
Room A (Michelangelo Ballroom Sect. 3)

Attendees (11)