Explore advanced network monitoring techniques for macOS security in this DEF CON 31 conference talk that addresses the gap in malware detection capabilities on Apple systems. Dive into programmatic approaches for network traffic analysis, focusing on enumerating network state, statistics, and traffic monitoring directly on macOS hosts. Learn to implement open-source solutions utilizing low-level APIs, private frameworks, and user-mode extensions to gain comprehensive insight into networking activity. Master efficient methods for detecting both known and unknown malware threats through network access monitoring, leveraging powerful detection heuristics specifically designed for the macOS platform.
Leveraging macOS Networking Frameworks to Heuristically Detect Malware
Overview
Syllabus
DEF CON 31 - Leveraging macOS Networking Frameworks to Heuristically Detect Malware - Patrick Wardle
Taught by
DEFCONConference
Related Courses
-
Nothing but Net - Leveraging macOS's Networking Frameworks to Heuristically Detect Malware
-
Leveraging macOS Networking Frameworks for Heuristic Malware Detection
-
Malware Analysis: Malicious Activity Detection
-
Network Analysis with Real Intelligence Threat Analytics (RITA)
-
Meet and Greet with the macOS Malware Class of 2016
-
Getting a Migraine - Unique System Integrity Protection Bypass on macOS
