Recently I returned from the Association of Anti-Virus Asia Researchers (AVAR 2010) conference in Bali, Indonesia, where I got the chance to learn about and discuss the latest threats with colleagues in the antivirus industry, and how to improve our tools and mechanisms to keep up with the challenges we are facing.
(As a brief introduction – it was my first time at an AVAR conference, and this is my first blog post as part of the Commtouch team. I have been a malware analyst for more than six years; I’m beginning my second year with Authentium – now Commtouch, following the acquisition.)
Back to the conference – keynote speaker Mikko Hyppönen, chief research officer, F-Secure, discussed the evolution of malware, from its origin as amateur challenges to its use by organized cybercriminals. Others delved into the challenges we’ve been dealing with for years, such as the use of icons as a form of social engineering (Cristian Lungu, Bitdefender), and the evolution of PDF attacks (Kazumasa Itabashi, Symantec). Tools were also presented, as we learned about a sandbox solution for JavaScript malware (Rajesh Mony, Webroot), and an algorithmic approach to semantic signature extraction for polymorphic viruses (Narendra Kumar).
The AVAR conference was an excellent opportunity to meet other industry experts to discuss current threats – spam, PDF attacks, rogue software challenges, mobile threats – and solutions – sandboxes, cloud-based technology, false positive testing, anti-malware testing, etc. We also had the opportunity to learn about the support the industry gets from law enforcement, as we heard presentations about cybercrime studies and government enforcement in some parts of Asia.