o-checker : Malicious document file detection tool - Malicious feature can be detected based on file size by Yuuhei Ootsubo

Published on March 12, 2014

Author: codeblue_jp

Source: slideshare.net

Description

Targeted email attacks often use document files with embedded executable files. Research on detecting this kind of malicious document file has focused on malcode detection. However, because the attacker can write arbitrary code, traditional malcode detection methods always lag behind the attacker when it comes to finding unknown malcode.

In this talk I will introduce an analytical approach to detecting targeted email attacks that differs from the more traditional malcode detection approach by focusing on structural analysis of file formats. I will explain the ability to detect malware based solely on file size and introduce o-checker, which implements a general detection method that does not rely on the content of malicious code.

Yuuhei Ootsubo

Started to be interested in programming around 1987.
2005 Employed by the National Police Agency.
2007 National Police Agency Public Safety Information Technology Counter Crime Division.
2001 National Police Agency Information Communication Division Information Technology Analysis Division.
2012 Assigned to The National Information Security Center.
