Overview
Explore the next generation of exploit kit detection through the construction of simulated obfuscators in this Black Hat conference talk. Delve into the world of drive-by download attacks and the role of exploit kits in malware delivery. Learn about the key obfuscation techniques used to evade firewall detection and the limitations of current research approaches. Discover how rebuilding the obfuscators of six notorious exploit kit families can benefit cybersecurity research. Examine the design and implementation of these simulated obfuscators, their evaluation process, and the insights gained from generating a vast array of samples. Investigate the evolution of the obfuscators within each exploit kit family and explore potential predictions for future variations. Challenge current variation naming conventions and consider a new approach based on actual obfuscator changes. Gain valuable knowledge on the amplification effect that obfuscator modifications have on obfuscated pages and its implications for cybersecurity.
Syllabus
Introduction
Welcome
Background
Website
Obstacle Page
Previous research
Scheduling application
Reverse engineering
In the real world
Data complicity
High-level picture
Normalization
Rotation
Color Structure
Similarity
Stream Crossing
Hierarchical Crossmark
Passive Threshold
Analysis
Life Cycle
New Version
Angular is Poor Kid
Application Engine Change
Conclusion
Outro
Taught by
Black Hat