Sophos at Black Hat USA 2017 and BSidesLV

EventsMalwareBlack Hat USA 2017BSidesLV

We’ll be at Black Hat USA and BSidesLV with talks and a shirt giveaway – come and say hi; we’d love to see you

Security experts are preparing to swoop into Las Vegas for next week’s 20th annual Back Hat conference and BSidesLV, and there will be much to discuss. Since last year’s events, threats against Internet of Things (IoT) devices have become a top news item and outbreaks from the likes of WannaCry and NotPetya have the industry rethinking what they thought they knew about ransomware and threats to critical infrastructure.

Black Hat USA 2017 will take place July 22–27 at Mandalay Bay Convention Center. Among the talks:

  • Facebook CSO Alex Stamos will present a talk called “Stepping up our game: Re-focusing the security community on defense and making security work for everyone”
  • Briefings will focus on vulnerabilities in such areas as IoT, malware, smart grid and industrial security and AppSec.
  • Black Hat Arsenal (Wednesday and Thursday, July 26-27) where independent researchers and the open source community will give live demos of their latest tools.

The event will include the Black Hat Business Hall (Wednesday and Thursday, July 26-27), featuring more than 270 security companies. There will also be a career zone, an innovation city and vendor sessions. You can find us at booth 947.

What’s happening at the Sophos booth?

Sophos researchers will be on hand throughout the event, including Dorka Palotay, who will discuss her new paper on the Philadelphia ransomware-as-a-service (RaaS) kit. Technical demos will include an Intercept X overview, with particular focus on how it defends customers from the likes of WannaCry. And, for those in the know who stop by the booth and say “Sophos is next-gen security”, we’ll be giving away special Sophos t-shirts.

Sophos data scientist Hillary Sanders will give a talk (July 26 from 5:05pm-5:30pm) called “Garbage in, Garbage Out: How Purportedly Great Machine Learning Models Can Be Screwed Up By Bad Data“.

As processing power and deep learning techniques have improved, Sanders says, deep learning has become a powerful tool to detect and classify increasingly complex and obfuscated malware at scale. A plethora of white papers exist touting impressive malware detection and false positive rates using machine learning, but virtually all of these are shown in the context of a single source of data the authors choose to train and test on. Hillary said in her talk description:

Accuracy statistics are generally the result of training on a portion of some dataset (like VirusTotal data), and testing on a different portion of the same dataset. But model effectiveness (specifically detection rates in the extremely low false-positive-rate region) may vary significantly when used on new, different datasets – specifically, when used in the wild on actual consumer data.

In this presentation, I will present sensitivity results from the same deep learning model designed to detect malicious URLs, trained and tested across 3 different sources of URL data. After reviewing the results, we’ll dive into what caused our results by looking into: 1) surface differences between the different sources of data, and 2) higher level feature activations that our neural net identified in certain data sets, but failed to identify in others.

WannaCry, NotPetya and Vault 7

Expect to hear a lot about May’s massive WannaCry outbreak and the NotPetya attack that came a month later. Both spread rapidly across the globe using NSA exploit tools leaked by the hacking group Shadow Brokers. WannaCry was unique in that it was ransomware spread by a worm instead of the usual phishing tactics. NotPetya was more traditional ransomware, but still spread further than most using the NSA tools.

Though both involved NSA tools leaked by Shadow Brokers, attendees can also expect to hear about WikiLeaks “Vault 7” dump of CIA cyberweapons and the risks they could pose to critical infrastructure.


IoT threats had been discussed for years at Black Hat, but in largely theoretical terms. This past year, the theoretical became reality when Mirai malware was used to hijack internet-facing webcams and other devices into massive botnets that were then used to launch a coordinated assault against Dyn, one of several companies hosting the the Domain Name System (DNS). That attack crippled such major sites as Twitter, Paypal, Netflix and Reddit. SophosLabs noted in its 2017 malware forecast that attackers were expanding efforts to target IoT devices through vulnerabilities in Linux.

The complete Black Hat USA 2017 schedule is available here.


Those attending Black Hat should also check out Security B-Sides (BSidesLV), where talks will range from threats against industrial control systems and mobile apps to how big data and deep learning can be used to mount a stronger defense. The event will also be heavy on talks about how to develop one’s career in the industry.

Two of Sophos’ data scientists will give talks at the event, held July 25 and 26 at Tuscany Suites. Other talks include “Something Wicked: Defensible Social Architecture in the context of Big Data, Behavioral Econ, Bot Hives, and Bad Actors,” by San Francisco-based security professional Allison Miller, and “Your Facts Are Not Safe with Us: Russian Information Operations as Social Engineering,” by Meagan Keim, a graduate student from the University of Maryland University College.

Sophos talks

Sophos Chief Data Scientist Joshua Saxe will present “The New Cat and Mouse Game: Attacking and Defending Machine Learning Based Software,” about ways the bad guys can manipulate machine learning to go on the attack. Saxe describes it this way in his talk description:

Machine learning is increasingly woven into software that determines what objects our cars recognize as obstacles, whether or not we have cancer, what news articles we should read, and whether or not we should have access to a building or device. Thus far, the technology community has focused on the benefits of machine learning rather than the security risks. And while the security community has raised concerns about machine learning, most security professionals aren’t also machine learning experts, and thus can miss ways in which machine learning systems can be manipulated.

My talk will help to close this gap, providing an overview of the kinds of attacks that are possible against machine learning systems, an overview of state-of-the-art methods for making machine learning systems more robust, and a live demonstration of the ways one can attack (and defend) a state-of-the-start machine learning based intrusion detection system.

Principal Sophos Data Scientist Richard Harang will present “Getting insight out of and back into deep neural networks.” He describes the talk this way:

Deep learning has emerged as a powerful tool for classifying malicious software artifacts, however the generic black-box nature of these classifiers makes it difficult to evaluate their results, diagnose model failures, or effectively incorporate existing knowledge into them.  In particular, a single numerical output – either a binary label or a ‘maliciousness’ score – for some artifact doesn’t offer any insight as to what might be malicious about that artifact, or offer any starting point for further analysis.  This is particularly important when examining such artifacts as malicious HTML pages, which often have small portions of malicious content distributed among much larger amounts of completely benign content.

In this applied talk, we present the LIME method developed by Ribeiro, Singh, and Guestrin, and show – with numerous demonstrations – how it can be adapted from the relatively straightforward domain of “explaining” text or image classifications to the much harder problem of supporting analysts in performing forensic analysis of malicious HTML documents.  In particular, we can not only identify features of the document that are critical to performance of the model (as in the original work), but also use this approach to identify key components of the document that the model “thinks” are likely to contain malicious elements.

 Other features

BSidesLV will also include a lockpick village, resume reviews and The New Hacker Pyramid, a contest that used to be presented at DEF CON but moved to BSidesLV a couple years ago.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s