Title: Automated unpacking and classification of malwaresSpeaker: Ero Carrera, Chief Research Officer at VirusTotalDate: Friday, APR. 10, 4:30pm~5:30pm 2009Place: ICP lecture room, Science library 611Abstract:In this talk, we walk through the evolution of the reverseengineering tools and the focus on automation we have seenin the last few years. Topics covered include automatedunpacking technologies and classification of malwares.Bio:Ero Carrera is currently Chief Research Officer ofCollaborative Security at VirusTotal and a reverse engineeringautomation researcher at zynamics GmbH (was SABRE Security GmbH),home of BinDiff and BinNavi. Ero has previously spent several yearsas a Virus Researcher at F- Secure where his main duties rangedfrom reverse engineering of malware to research in analysisautomation methods. Prior to F-Secure, he was involved inmiscellaneous research and development projects and always hada passion for mathematics, reverse engineering and computer security.While at F-Secure he advanced the field of malware classificationintroducing a joint paper with Gergely Erdelyi on applyinggenomic methods to binary structural classification. Other projectshe has worked on include seminal research on generic unpacking.Ero has presented in conferences such as HackInTheBox, RSA, BlackHatand Source in addition of also teaching a reverse engineering coursein the BlackHat conferences. Additionally, Ero is a habitual lurkeron OpenRCE and has contributed miscellaneous reverse engineeringtools such as pefile and ida2sql and others such as Pythonika and pydot.