Explore the evolution of IoT malware and learn effective countermeasures in this comprehensive conference talk from BSides NoVa 2017. Trace the history of malware from early examples like Creeper and Reaper in 1971 to sophisticated threats like Stuxnet in 2010. Examine the growth of evasive malware techniques, including polymorphic viruses and the Blue Pill concept. Analyze various malware detection methods and evasion strategies, both static and dynamic. Investigate different motivations behind malware creation, from proof of concept to destructive intent, profit-seeking, and cyber operations. Gain insights into the intersection of malware and IoT, and consider predictions about future malware evading anti-malware solutions. Equip yourself with knowledge to better understand and combat emerging threats in the IoT landscape.
Overview
Syllabus
Intro
Creeper and Reaper (1971)
Brain (1986)
Concept (1995)
Blaster (2003)
Stuxnet (2010)
History of Malware Evasion
Growth of Evasive Malware
Morris Worm (1988)
Polymorphic Viruses (1990's)
Blue Pill (2006) - Joanna Rutkowska
lot Worm (2016) - Ronen, O'Flynn, Shamir, Weingarten
Malware Detection Techniques
Malware Evasion - Static
Malware Evasion - Dynamic
Categories of Motive
Motive: Proof of Concept
Creeper (1971) – Bob Thomas
Motive: Destructive
CIH (1998)
Motive: Profit
Motive: Cyber Operations
Malware and lot
Prediction: Malware will evade anti-malware
