![DEF CON 23 [Audio] Speeches from the Hacker Convention artwork](https://is5-ssl.mzstatic.com/image/thumb/Podcasts123/v4/c3/f8/7e/c3f87e44-fc95-645c-620b-3c8e5117429e/mza_5097239825481086059.jpg/100x100bb.jpg)
Mike Sconzo - I Am Packer And So Can You - 101 Track
DEF CON 23 [Audio] Speeches from the Hacker Convention
English - September 22, 2015 05:27 - 42.7 MB - ★★★ - 4 ratingsTechnology Education How To def con defcon hacking hacker conference computer security security research defcon 23 def con 23 dc-23 dc23 Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Materials Available here:https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Mike-Sconzo-I-am-packer-and-so-can-you.pdf
I Am Packer And So Can You
Mike Sconzo Security Researcher
Automating packer and compiler/toolchain detection can be tricky and best and downright frustrating at worst. The majority of existing solutions are old, closed source or aren’t cross platform. Originally, a method of packer identification that leveraged some text analysis algorithms was presented. The goal is to create a method to identify compilers and packers based on the structural changes they leave behind in PE files. This iteration builds upon previous work of using assembly mnemonics for packer detection and grouping. New features and analysis are covered for identification and clustering of PE files.
Mike Sconzo has been around the Security Industry for quite some time, and is interested in creating and implementing new methods of detecting unknown and suspicious network activity as well as different approaches for file/malware analysis. This includes looking for protocol anomalies, patterns of network traffic, and various forms of static and dynamic file analysis. He works on reversing malware, tool creation for analysis, and threat intelligence. Currently a lot of his time is spent doing data exploration and tinkering with statistical analysis and machine learning.