Session

Exploring the UEFI Landscape with Machine Learning Approaches

UEFI security has been a hot topic for the past few years. Several high-impact vulnerabilities have been found, and even a few rootkits have been exposed. However, finding such rootkits in the wild is a very challenging task, because of both the sheer size of the UEFI landscape and the lack of established methods. This presentation will introduce techniques we’ve developed and currently use at ESET to identify such rootkits. We’ll discuss the full machine learning pipeline design, from feature extraction through transformation and efficient indexing to final decision making. We’ll also analyze some of the most recent malicious findings we’ve identified in the UEFI landscape.

Biography

Filip Mazán is a Software Engineer at ESET. Initially, he worked as a Malware Analyst. Since 2013, he has worked on various automated threat detection systems and helped to design several machine learning applications. Currently, he’s leading the Threat Detection and Machine Learning Research Team and supervises several machine learning research projects at ESET. He’s presented his research at several international cybersecurity conferences.

 
