Name: When Malware Changed Its Mind: How "Split Personalities" Affect Malware Analysis and Detection
Start: 2023-01-24T16:40:00-0800
End: 2023-01-24T17:10:00-0800

Back To Schedule

When Malware Changed Its Mind: How "Split Personalities" Affect Malware Analysis and Detection

We are presenting the first large-scale study of malware samples that change their behavior when executed on different hosts or at different times, using data from 5.6 million hosts from around the world. Researchers and practitioners have been aware of this problem for over a decade, but prior to our work the behavior variability had not been measured at scale. We demonstrate how malware with such "split personalities" may confound the current techniques for malware analysis and detection. More importantly, we illustrate the unique insights that the security industry can gain by monitoring malware behavior ethically and at scale, on real hosts.

Speakers

Tudor Dumitras

Associate Professor, University of Maryland, College Park

Tudor Dumitraș is an Associate Professor in the Electrical & Computer Engineering Department at the University of Maryland, College Park. His research focuses on data-driven security: he studies real-world adversaries empirically, he builds machine learning systems for detecting... Read More →

Tuesday January 24, 2023 4:40pm - 5:10pm PST
Santa Clara Ballroom

Talk

Enigma 2023

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tudor Dumitras