Doctoral research project number: 4583

Description

Submission date: 1 January 1900
Title: Prevention and Analysis of Cyber-Attacks
Thesis supervisor: Davide BALZAROTTI (Eurecom)
Scientific field: Information and communication sciences and technologies
CNRS theme: Not defined

Abstract: Objective. Despite the incredible effort and the enormous investments to increase security and fight cybercrime, the number of security incidents is rapidly increasing every year. Many forms of cyber attacks (such as botnets, spam, and phishing pages) are simply designed to target the largest number of users or devices. In contrast, when an attack is customized for, and targeted at, a small number of victims, its effectiveness is usually much higher. An important factor to take into account is that these types of targeted attacks often involve attackers with an abundance of available resources to evade current detection and analysis techniques. As a result, many sophisticated attacks remained undetected for long periods of time (seven years for “Careto”, eight for the “Turla” group, and potentially even longer for some of the NSA backdoors) before the security community was finally able to detect their presence on the infected machines. In this challenging context, this dissertation will explore new techniques to prevent, detect, and analyze sophisticated cyber-attacks. The work will focus on operating system and host-based solutions as well as offline analysis approaches to analyze suspicious samples or compromised machines. As a result, the final goal is to explore several directions for advanced malware analysis, for OS protection and threat detection, and for improved memory analysis. In particular, memory analysis is today an active research field that has rapidly evolved over the past decade and now represents a popular, complementary approach to support modern malware analysis and inspect potentially compromised machines. Therefore, it can be a powerful tool to cope with the increasing sophistication of cyber attacks and to advance the state of the art in the field.

Doctoral student: Pagani Fabio