Welcome to DC4420, aka Defcon London.
.reality [2015 edition]
Meetings are normally the last Tuesday of the month, except December...
New attendees welcome, just come along!
(There are no entry fees, and no tickets to book.)
April 28th 2015
We have 1 talk confirmed:
1st Talk Subject:
Combating Evasive Malware
Marco Cova, Lastline
Malware is one of the main threats in today's security
landscape. The current state-of-the-art approach to the detection and
analysis of malware consists of using dynamic analysis tools
(sandboxes) to execute a malware sample and observe its actions at
runtime. This approach is appealing because it does not rely on
detecting specific malicious code patterns, but looks for generic
"suspicious behaviors" that are common among several malware families,
and, in addition, provides visibility into the protocols and
infrastructure that attackers use to control their malicious samples.
Of course, attackers know about sandboxes and have a vested interest
in making their analysis less effective. In particular, over time,
they have developed a number of techniques to evade or complicate the
analysis of a sample performed by sandboxes.
In this talk, we will draw on our experience with designing and
running a couple of popular sandboxes to discuss some of the evasive
techniques we see used by malware authors, and we will then present a
number of solutions to these challenges.
Bio: Marco Cova is a senior security researcher and a member of the
founding team of Lastline, a company providing anti-malware solutions.
Before defecting to industry, he was a Lecturer in Computer Security
with the School of Computer Science, University of Birmingham. He
received his PhD from the University of California, Santa Barbara, and
has spent several sleepless nights in Vegas playing the Defcon CTF
with team Shellphish.
No second speaker confirmed.
If you'd like to give one, talk to Major, Tony or Mark, or
email firstname.lastname@example.org.
Format is usually two talks: a primary of 1 hour (ish) and
a secondary of 30 minutes (ish).
Talks start at 19:30, but we have the room from about
18:30 to 23:00.
Typically our programme has a technical talk (~1 hr) and lighter talk (~30 min).
Once or twice a year we have a "Lightning Talk" format, with shorter
talks up to ~15 minutes, with anyone who wants to speak on the night.
The qualifications for speakers are simple: have a subject of interest
to fellow technical & InfoSec people. The subject can be on technical
or security issues, social interaction with technology, based on the
current events, or just something entertaining to our attendees.
As a speaker you can be an expert, a student, someone learning a new
area, maybe a regular speaker on the conference circuit, but we also
love to have new & occasional speakers.
Send your talk / activity proposals to email@example.com
You are very welcome to propose running activities other than talks, such
as a hands-on workshop or an infosec pub quiz, or something else relevant to our
We also welcome occasional company pitches, to sell or recruit, but to regulate
the frequency of these we ask you to buy a round of drinks. Also please
discuss with Major Malfunction or Tony beforehand!
The Phoenix, Cavendish Square
Nearest tube (Bakerloo, Central and Victoria lines) and bus stops are
at Oxford Circus. Transport for London have a journey planner http://www.tfl.gov.uk/
We've got this handy Google Calendar thing here
Twitter : @dc4420, use the tag #dc4420
IRC: #dc4420 on Freenode
Mailing List: Get on the mailing list: here
(Note: don't set your address to dc4420@ as that won't work.)
LinkedIn: dc4420 group - 640 & growing (March 2015).
Do you read the notes there?
(No recruiters allowed on unless they've been to the meetings and intro'd themselves to Tony and Major.)
Talks: Send your info to firstname.lastname@example.org
Want to change the website? Submit a pull request