-->
29th IEEE Symposium on Computers and Communications (ISCC)
IEEE ISCC 2024 | 26-29 June, Paris, France

TUTORIALS

Malware Analysis and Detection exploiting AI/ML methods

Abstract: Malicious software threatens the security of computer systems from desktops to cloud servers, from mobile devices to industrial systems. Malware is increasingly used by threatening actors to target private corporations, public organizations and critical infrastructures as well as individuals. Cases of well publicized attacks, such as the SolarWinds attack, ransomware attacks on Boeing, Dish network, Western Digital, Advantech, Canon, and a number of organizations in the healthcare sector, are only a few publicly known cases, that demonstrate the extent and importance of the problem. Such attacks have significant financial impact, due to damages, and lead to data leakage with unpredictable and long-term consequences. Current estimates are that the yearly cost of malware will climb above $ 10 trillion by 2025, while more than 500,000 new malware samples and potentially unwanted applications are detected every day with the global number of malware programs detected exceeding 1 billion. Significant effort is spent to design effective and efficient malware analysis and detection systems. These efforts include the use of program sample features derived from static analysis as well as from dynamic analysis. In static analysis, features are extracted from binary files without executing them. As static analysis is limited due to obfuscated malware, dynamic analysis is employed as well, where suspicious programs are executed in virtual environments and measurements are made. Features and measurements from static and dynamic analyses are provided to classifiers, which differentiate malware from benign programs, using classification techniques. Such classifiers typically employ machine learning techniques such as random forests, support vector machines and, increasingly, deep learning neural networks and federated learning methods. In the latter case, significant amounts of reliable data are required for effective and efficient training of the classifiers. In this tutorial, we will present malware analysis and detection techniques and tools. First, we will cover techniques and tools for static analysis and then, we will cover dynamic analysis ones. We will present common and advanced classifiers, addressing also the problem of data availability. Finally, we will present a complete, open software platform that combines static and dynamic analysis as well classifiers for effective malware detection.

Instructor:

Dimitrios Serpanos - President - Computer Technology Institute & Press ...
Dimitrios Serpanos


Navigating Cyber Threats: The Risk of Vulnerable Binaries in Maritime Systems

Abstract: This Seminar is a specialized and intensive program focused on enhancing cyber security in port environments. This seminar is dedicated to imparting vital knowledge and hands-on skills necessary for protecting port systems and infrastructure from cyber threats. Trainees will immerse themselves in the complex world of port cyber security, examining the myriad of threats and attacks that could jeopardize the security and efficiency of port operations. This training program is designed to specifically address the cyber security challenges in port environments. It brings together world-renowned experts to enhance technical skills in key areas of cyber security, with a special focus on ports. The program covers ethical hacking, risk management, incident handling, and practical cybersecurity issues specific to maritime ports.

Instructors:

             
Dimitris Koutras                     Dimitrios Kallergis