CERIAS Security Seminar: Using Endpoint Isolation to Track Malware Trends

The Center for Education and Research in Information Assurance and Security
March 8, 2023
4:30 PM - 5:30 PM
Zoom

Description

Speaker:
Patrick Schlapfer
HP

Abstract: Endpoint security controls have traditionally relied on detecting malicious activity to protect devices from intrusions. But attackers often change their techniques so quickly that detection patterns must be adapted, resulting in a detection lag. Some of this limitation can be solved by using hardware-based process isolation, which isolates risky endpoint tasks from the user's data and critical parts of the operating system. One of the most interesting data sources the HP Threat Research team uses to track malware trends and behaviors is isolation traces, since they can give us an insight into techniques that have bypassed detection controls. In this presentation, we provide an overview of captured attack techniques that are currently seen in the wild. We will elaborate on how attackers try to bypass email security and how users are lured to infected websites to download malware. Finally, we will share advice on how to protect against such attacks and what to look out for.

About:

Patrick is a malware analyst at HP with interests in a wide range of security areas. He already focused on cyber security during his studies, where he developed a particular interest in malware analysis. After graduation, he worked on a scientific project at the university and built a dynamic malware analysis system for code similarity clustering. He gained further experience in incident response and threat intelligence at a Swiss bank. Since 2021, Patrick has worked as a malware analyst on HP's Threat Research team. He conducts analyses of new threats, using the results to improve HP's security products, and shares them with the community.

The weekly security seminar has been held every semester since spring of 1992. We invite personnel at Purdue and visitors from outside to present on topics of particular interest to them in the areas of computer and network security, computer crime investigation, information warfare, information ethics, public policy for computing and security, the computing "underground," and other related topics.

Contact Details

Event Website

https://www.cerias.purdue.edu/news_and_events/events/security_seminar/details/index/1nrnl2hnn4rpll13v2ggqr4ckn@google.com
