Does Your Threat Model Consider Country and Culture? A Case Study of Brazilian Internet Banking Security to Show That It Should
USENIX Enigma Conference via YouTube
Overview
This course aims to highlight the importance of considering country and culture in threat modeling, using a case study of Brazilian internet banking security. The learning outcomes include understanding the unique characteristics of the Brazilian scenario that influence the development of threats and targeting of users. Participants will learn about the specific threats faced in Brazil, such as JAVA-based malware and Whatsapp-based banking transactions, and the need for personalized threat models and security evaluations. The course covers topics such as internet banking, desktop clients, file formats, tracking attackers, comparing scenarios, analyzing real datasets, and evaluating Brazilian malware against antiviruses and machine learning. The teaching method involves a case study presentation by an expert in the field. This course is intended for cybersecurity professionals, threat analysts, security researchers, and anyone interested in understanding regionalized threats in the cybersecurity landscape.
Syllabus
Intro
Internet Banking Desktop Clients
A Predictable Future
A Profusion of File Formats
Tracking the Atlackers
The case of WhatsApp
A Scenarios Comparison
A Real Dataset
Brazilian Malware vs. Antiviruses
Brazilian Malware vs. Machine Learning
Taught by
USENIX Enigma Conference