This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Thank you for joining us for our 5th Anniversary celebration! We certainly hope you enjoy the conference. Here’s to Education, Collaboration, and Community!

Remember, we don’t take ourselves too seriously and you shouldn’t, either! To quote the old motto of another collaborative community, "We trick into learning with a laugh".

We wish you both laughter and learning - and lots of both!

-= Team BSidesLV 
View analytic
Tuesday, August 5 • 11:45 - 13:00
Evading code emulation: Writing ridiculously obvious malware that bypasses AV

Sign up or log in to save this to your schedule and see who's attending!

Code emulation, a technology capable of detecting malware for which no signature exists. It’s a powerful step in the right direction for client security, but it’s a long way from mature. This talk will demonstrate how the code emulation engine in Anti-Virus Guard (AVG) can be reverse engineered by progressively testing its features, and ultimately evading detection. The result is a Command-and-Control (C&C) bot, in a non-obfuscated windows shell script, that AVG and many other leading AV engines will not detect. I will propose solutions on how these code emulation environments can be improved, making the detection of zero day malware far more successful going forward. This is not a jab against AVG, as they get enormous credit for including such a powerful tool in a free antivirus client.


Kyle Adams

Chief Software Architect for Junos WebApp Secure, Juniper Networks
Kyle Adams has been involved with security since a very early age. Self-taught, he learned the basics of hacking and security defense strategies long before entering the professional world. Early on, much of his professional focus was on web security threats like SQLi, XSS, CSRF, etc…but more recently he started researching and working on products to defend against malware based threats. Kyle helped build and design the first commercial... Read More →

Tuesday August 5, 2014 11:45 - 13:00
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

Attendees (27)