Sick Anti-Forensics Mechanisms in the Wild
- Alissa Torres
- Friday, March 7th, 6:00pm - 7:00pm
For those in the trenches of enterprise defense, it appears malware authors are deriving sick pleasure of late in mechanizing their end products with sophisticated self-defense and evasion capabilities. From "environmentally-aware" binaries to malware that defeats image acquisition, attackers are becoming increasingly more adept at evading analysis. During this presentation, several of these anti-forensics techniques will be explored, preparing attendees for what they are likely to encounter with increasing frequency - malware that fights back.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Lunch & Learn: Short presentations given during the lunch break.
Wednesday, March 5
|Welcome to SANS
||Wednesday, March 5th, 8:15am - 8:45am
|DFIReception - Forensicators Unite!
||Wednesday, March 5th, 6:00pm - 7:00pm
|Keynote: Have no fear - DFIR is here!
||Rob Lee, Chad Tilbury, Alissa Torres, Phil Hagen, and Lenny Zeltser
||Wednesday, March 5th, 7:00pm - 8:30pm
Saturday, March 8
||Saturday, March 8th, 12:30pm - 1:15pm
||Lunch and Learn