Level: Technical

Abstract:

Obfuscation is the deliberate act of introducing anomalies in a binary, source or machine instructions in order to deter analysis and effectively “harden” the binary. In this talk, the speaker will attempt to introduce the concept of obfuscation with a focus on ELF & PE binaries to demonstrate the effectiveness of such techniques in deterring analysis and throwing the analyst on a wild goose chase. We’ll cover a range of techniques, how and why they work, and how do different analysis tools react to those changes.

This talk will involve a live ransomware sample (safety helmets will be provided by BSides Ljubljana).

Basic knowledge of reverse-engineering and programming is required for this talk.

Bio:

Abdullah Joseph is the mobile security team lead of Adjust, providing mobile analytics services to clients around the globe and overseeing the security of mobile open-source libraries integrated in over 22,000 mobile apps and hitting over 400+ billion data points per month. His team works on researching current and future mobile ad fraud schemes and developing appropriate countermeasures. He is also the holder of GREM, GMOB and GPEN certifications.

Blog: https://riverbird.co

Comments are closed.