Explore the concept of entropy in obfuscated code through this 36-minute conference talk from BSides Cleveland 2015. Delve into topics such as information theory, analyzing malware, and various random processes. Learn about module entropy, static signatures, and their implications for both offensive and defensive cybersecurity. Gain insights into how entropy analysis can be applied to different types of files, including office documents and JavaScript. Discover practical applications of these concepts in real-world scenarios, from malware detection to understanding user agents and blue team strategies.
Overview
Syllabus
Intro
Outline
Office documents
JavaScript
Information Theory
Entropy
Interstellar
Coin Flip
Redundancy
Analyzing Malware
Analyzing Other Malware
Zero Order Random Process
Second Order Random Process
Third Order Random Process
Second Order Word Approximation
Malware
Entry Score
Edit Customer
Show All Customers
Cool Moments
Module Entropy
Static Signature
What transcends language
First names
Second names
Math
User Agent
Blue Team
