

This hands-on workshop provides a foundational understanding of ICS/OT malware: how it's categorized, how it works and how to begin analyzing it. Topics include a brief history of ICS malware, the types of ICS malware, and a focused look at control protocol malware such as FrostyGoop. Students will complete beginner-friendly malware analysis labs to learn how to analyze “unknown” malware and identify targeted ICS protocols and manipulated process values.

Target Audience: Security professionals interested in malware analysis or ICS/OT protocols. No prior reverse engineering experience is required. Attendees should be comfortable with general security concepts, command-line usage, Linux, and Wireshark. Attendees should bring a laptop capable of running an x86-64 virtual machine.

Learning Outcomes:
- Understand the categories of ICS malware and how control protocol malware differs from traditional malware threats.
- Use dynamic analysis to identify the industrial protocol targeted by an unknown malware sample.
- Perform introductory static analysis of decompiled code.


Jimmy Wylie is a malware analyst at Dragos, Inc., who reverse engineers threats to critical infrastructure.





