Session

Exploring the UEFI Landscape with Machine Learning Approaches

UEFI security has been a hot topic for the past few years. Several high-impact vulnerabilities have been found, and even a few rootkits have been exposed. However, finding such rootkits in the wild is very challenging, both because of the sheer size of the UEFI landscape and because of the lack of established methods. This presentation will introduce techniques we’ve developed and currently use at ESET to identify such rootkits. We’ll discuss the design of the full machine learning pipeline, from feature extraction through transformation and efficient indexing to final decision making. We’ll also analyze some of the most recent malicious findings we’ve identified in the UEFI landscape.

Biography

Filip Mazán is a Software Engineer at ESET. Initially, he worked as a Malware Analyst. Since 2013, he has worked on various automated threat detection systems and helped to design several machine learning applications. Currently, he’s leading the Threat Detection and Machine Learning Research Team and supervises several machine learning research projects at ESET. He’s presented his research at several international cybersecurity conferences.

 
