Malware is growing in complexity as adversaries leverage the very same protection techniques that are developed for digital rights management and anti-cheat solutions. This Lab offers hands-on analysis techniques for defeating modern malware, including code emulation, symbolic execution, and constraint solving, which make it possible to reason about malicious behavior statically without executing dangerous code.
This session will follow the Chatham House Rule to allow for free exchange of information and learning. We look forward to participants actively engaging in the discussion, and remind attendees that no comment attribution or recording of any sort should take place.
Pre-Requisites:
Knowledge of basic reverse engineering and of the x86 assembly and C programming languages is required. Knowledge of the Python programming language is recommended.
Familiarity with Ghidra is an asset.
This is a capacity-controlled session. If added to your schedule and your availability changes, please remove this session from your schedule to allow others to participate.