Ransomware vs. AI. Part 1 – Overview of AV Bypassing Techniques Used in Targeted Ransomware Attacks

Time: 10 June 2020, 09:00-09:45
Location: BTH Campus Gräsvik

The Professional Masters in Information Security project (PROMIS, promisedu.se) presents online inspiration seminars on cutting-edge topics and areas.

At the end of the seminars we will also briefly discuss and show our new educational initiative and courses specifically adapted to the security area, for people working in industry who want to further their knowledge in the area. The courses are full university courses, but they are given in a way that lets you take them remotely without disrupting your work!

For details on PROMIS: www.promisedu.se

For details on the seminars, see below (no registration required!).

Join in via Zoom link: https://bth.zoom.us/j/66653906023

Or via Zoom Meeting ID: 666 5390 6023

“Ransomware vs. AI. Part 1 – Overview of AV Bypassing Techniques Used in Targeted Ransomware Attacks.”

A modern cybersecurity solution cannot be imagined without using Artificial Intelligence and Machine Learning for detecting cyberattacks. In this regard, two main approaches are typically used: finding patterns of known cyberattacks and anomaly detection for unknown ones.

Therefore, to bypass anti-malware protection, attackers invest their efforts in changing behavior to break the existing detection patterns. Moreover, they try to mimic the form and behavior of benign applications to avoid being detected as an anomaly. As examples, we’ll consider the tactics and techniques used in last year's well-known targeted ransomware attacks involving LockerGoga, MegaCortex, Buran, and Ryuk to reduce the footprint in a victim’s system, including the use of digital signatures, multiprocess encryption, and the replacement of Microsoft CryptoAPI with hardcoded open-source crypto code.

 
