Defence against advanced, obfuscated and evasion attacks

This module examines in detail the techniques used to carry out evasive attacks, i.e., attacks designed to bypass defence systems. It presents code obfuscation techniques that make static and dynamic analysis more difficult, as well as evasion techniques used to distract or bypass dynamic analysis systems.

Topics

An overview of the main attack detection techniques, based on signatures and statistical analysis. Analysis of the weaknesses in defensive approaches. Techniques for obfuscating software and network traffic. The effects of obfuscation on the detection of cyber-attacks. Sophisticated attacks designed to circumvent threat detection systems based on network traffic analysis or process monitoring. Advanced defence techniques for detecting obfuscated and evasive attacks. Advanced defence techniques for detecting sophisticated attacks. Machine and deep learning to detect cyber-attacks.

Target

  • Companies offering IT systems management and security services, security operations centres
  • Cyber analysts
  • Threat analysts

Course structure

Module 01 - OVERVIEW OF ATTACK DETECTION TECHNIQUES
10 hours

Signature-based approaches:

  • Signature-based detection
  • Practical examples: antivirus software and intrusion detection systems (IDS)

Approaches based on statistical analysis:

  • Detection of anomalies through statistical analysis of data
  • Limits and vulnerabilities of this approach

Analysis of the weaknesses in defensive approaches and systems:

  • Known attacks that exploit the limitations of signature-based and anomaly-based models.

Module 02 - TECHNIQUES FOR OBFUSCATING CODE AND NETWORK TRAFFIC
10 hours

Code obfuscation:

  • Static techniques: code transformations designed to make the code less readable (e.g., renaming, control flow obfuscation)
  • Dynamic techniques: self-modifying code, packed executables

Network traffic obfuscation:

  • Cryptography and cryptographic tunnels (VPN, SSH, HTTPS)
  • Payload obfuscation and pattern evasion techniques

The effects of obfuscation on the detection of cyber-attacks:

  • Impacts on static and dynamic analysis
  • Risks associated with traditional detection systems

Module 03 - SOPHISTICATED AND EVASIVE ATTACKS
10 hours

Attacks designed to evade dynamic analysis systems:

  • Anti-debugging and anti-virtualisation techniques
  • Polymorphic and metamorphic malware

Network traffic attacks:

  • Examples of advanced attacks such as masquerading
  • Techniques for evading traffic-based IDSs (e.g., fragmented packets, timing attacks)

Social Engineering:

  • The psychological principles underlying social engineering attacks.
  • Common techniques: phishing, spear-phishing, baiting, pretexting

Module 04 - ADVANCED DEFENCE TECHNIQUES
10 hours

Approaches to tackle obfuscated attacks:

  • Use of de-obfuscation techniques for static and dynamic analysis
  • Detection systems based on behaviour profiling

Approaches for sophisticated attacks:

  • Adaptive detection systems: dynamic rule updates
  • Context analysis to mitigate evasive attacks.

Machine and Deep Learning for Cybersecurity:

  • Models for detecting anomalies in network traffic (e.g., autoencoders, RNNs)
  • Applications of supervised and unsupervised classifiers
  • Training techniques and bias prevention in AI models for safety

WORKSHOP
10 hours

Examples of network traffic obfuscation and software applications.

Social engineering attacks

Machine learning based approaches to detect cyberattacks.

Approaches for sophisticated attacks:

  • Adaptive detection systems: dynamic rule updates
  • Context analysis to mitigate evasive attacks

Machine and Deep Learning for Cybersecurity:

  • Models for detecting anomalies in network traffic (e.g., autoencoders, RNNs)
  • Applications of supervised and unsupervised classifiers
  • Training techniques and bias prevention in AI models for safety
  • Application of theory to case studies
