Software Security, Protection, and Reverse Engineering Workshop
Hilton Los Angeles/Universal City, Los Angeles, CA
December 5-6, 2016
We want to thank the following sponsors for their support of SSPREW-6.
Formal Avenue for Chasing malwarE
Today's security threats are characterized by effective dissemination mechanisms (
e.g., droppers, drive-by download), malicious mobile apps, and targeted attacks. The large amount of malware samples are often mutations and
porting of known families (also to mobile platforms). Malicious mobile apps are difficult to analyze because they do not show their
full malicious behavior if not properly stimulated. Modern malware attempts to evade both dynamic and static approaches, with
anti-debugging, obfuscation and metamorphism techniques. In these cases, a semantic approach to hybrid (dynamic and static)
analysis techniques would lead to a more precise understanding of the malware behavior and, therefore, to the development
of more effective detection mechanisms. Indeed, formal approaches to program analysis are a promising research direction, although
their application to malware is still quite poor. We believe that semantics-based formal approaches for modeling and reasoning on the
evolving behavior of metamorphic malware will provide a significant contribution to both research community and industry.
The main challenge is the isolation of the common malicious behavior shared across the metamorphic variants. FACE will leverage
formal approaches for modeling 1) the common malicious behaviors and 2) the execution environment (e.g., target system, sandbox),
so to account for environment-sensitive malware.
Riscure is a global security test lab and market leader in side channel test equipment.
Riscure was founded in 2001 by Marc Witteman, who has been working the field of chip security
since 1993. Operating from Delft in the Netherlands, Riscure started serving customers from
all around the world. During the first years, security evaluation services were the main focus,
mostly for customers in the financial industry. Later on the evaluation services also evolved
towards the pay-tv industry. When in 2005 the first product was sold to a customer, development
of security test equipment also became integral to Riscure's business. In 2011 Riscure opened an
office in San Francisco USA in order to get local presence for its customers in North America.
Riscure evaluates the security of chip technology and embedded devices that are designed to operate
securely in any environment. They are the leading security test lab for chips and settopboxes deployed
in the pay-tv industry and is also an international market leader in providing test equipment
for side channel robustness of chip technology. Riscure's equipment is used by chip manufacturers,
government agencies and security test laboratories all around the world.
Irdeto is a world leader in content security, management and delivery for
pay media companies. Through its innovative conditional access, dynamic monetization and content
security technologies, the company allows new forms of distribution for broadcast, broadband
and mobile entertainment. For more than 40 years Irdeto has been helping to evolve today's
connected day — from enabling the world's first digital satellite pay TV network to the world's
first mobile broadcast TV service to nearly every device and medium that a business or consumer
engages on a regular basis. Irdeto has been there from the beginning and proudly looks forward to
continuing to foster the connected day, driven by the digital industry.