BSidesLV has ended
Thank you for joining us for our 5th Anniversary celebration! We certainly hope you enjoy the conference. Here’s to Education, Collaboration, and Community!

Remember, we don’t take ourselves too seriously and you shouldn’t, either! To quote the old motto of another collaborative community, "We trick into learning with a laugh".

We wish you both laughter and learning - and lots of both!

-= Team BSidesLV 
Back To Schedule
Tuesday, August 5 • 11:45 - 13:00
Evading code emulation: Writing ridiculously obvious malware that bypasses AV

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Code emulation, a technology capable of detecting malware for which no signature exists. It’s a powerful step in the right direction for client security, but it’s a long way from mature. This talk will demonstrate how the code emulation engine in Anti-Virus Guard (AVG) can be reverse engineered by progressively testing its features, and ultimately evading detection. The result is a Command-and-Control (C&C) bot, in a non-obfuscated windows shell script, that AVG and many other leading AV engines will not detect. I will propose solutions on how these code emulation environments can be improved, making the detection of zero day malware far more successful going forward. This is not a jab against AVG, as they get enormous credit for including such a powerful tool in a free antivirus client.


Kyle Adams

Chief Software Architect for Junos WebApp Secure, Juniper Networks
Kyle Adams has been involved with security since a very early age. Self-taught, he learned the basics of hacking and security defense strategies long before entering the professional world. Early on, much of his professional focus was on web security threats like SQLi, XSS, CSRF... Read More →

Tuesday August 5, 2014 11:45 - 13:00 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

Attendees (0)