jump to navigation

My latest presentation May 8, 2007

Posted by Dave Marcus in General Security, Malware, Presentations.

I posted recently about a presentation I was about to give at the DoDIIS Conference. I am pleased to say that it went well. I really like these types of conferences best – smaller venue, smaller rooms – ’cause it lends itself better to really good Q&A. I think presentations are truly about Q&A. I think it the ultimate test of whether or not you have connected with an audience.

The presentation itself was about malware trends. Two areas in general:

  • Financial Trends in Malware
  • Stealth in Malware

We then had some really good discussions about rootkits and proactive detection in anti-malware technology. I always like discussing proactive detection which usually comes from the “AV is dead” line of discussion. This area of discussion is a great opportunity to discuss the different types of “signature” or driver detections. Most exponents of the whole “AV is dead” line of thinking simply do not truly understand the main types of detections – specific, generic and heuristic. Most tend to think that AV detection is solely specific signature (or driver) detection. This usually gives rise to the whole “AV is dead” line of thinking. A friend of mine at McAfee, Greg Day, does a great job of explaining the differences in a paper he presented at VB2005.



No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: