Marius Manica

Cyber Incident Response Adobe

BIOGRAPHY

Having more than 7 years of experience in security, Marius has had the opportunity to see all of the branches of the industry – from state institutions to state-sponsored attacks, from private companies to privacy incidents, from law enforcement to security analyst to threat hunter and incident responder. Having had this level of exposure in such a short time has allowed him to learn faster and faster and keep up with the industry. Anyone that worked with him would describe Marius as a professional first and foremost. His dedication can be seen from his highly-focused work ethic and attention to details.

Project SCOUT. Deep Learning for malicious code detection

The number of client-side attack vectors has increased dramatically in the last decade. From exploiting browser vulnerabilities to miners or drive-by downloads, attackers commonly use Javascript code to achieve their goals. In the past, malicious code classification has been achieved using standard feature-engineering over static code analysis or dynamic code execution patterns.
We propose a new deep-learning inspired methodology for detecting malicious code, based on latent representations computed in an un-supervised manner. We explore three different methodologies for computing the latent representations in a deep encoder-decoder architecture: self-attention, global style tokens (GST) and “memory-based” representations.
The three strategies for computing latent representations capture different aspects of how the code is written: (a) the GST tokens capture specific attacker techniques like code that is obfuscated or encrypted or that does many string manipulations; (b) the memory-based method learns “code patterns” such as iterators, if/else statements, asserts etc. and (c) the multi-head attention method captures on-the-fly summarizations of code-segments that are hard to reconstruct (don’t follow standard patterns).
1. The self-attention model represents code as the concatenated values of all heads in a multi-head attention system;
2. The GST method computes a probability distribution (attention) over a fixed number of style tokens (embeddings) and the latent representation is obtained as the weighted sum over all the tokens;
3. Finally, the memory-based method is similar to GST, but it computes multiple probability distributions over different buckets of style-tokens.

The latent code representations are used as input for a multilayer perceptron that classifies a code segment as being malicious or not. Our initial experiments on previously unseen data show state-of-the art results in classifying both isolated code-sequences as well as entire JS files as being malicious or benign.

The same latent-representation extraction methodology can be used over multiple datasets, regardless of the programming language, to attend a wide-variety of code-related tasks or problems as: identifying vulnerable code, identifying bad practices, indexing code (finding similar code), copyright issues, etc.
This talk is co-presented with Tiberiu Boros, Computer Scientist at Adobe

Are you the next cyber security superstar?

If you are passionate about an information security topic or you have strong technical skills developing researches on your own, you should definitely Apply at Call for Papers. By submitting you will have the chance to showcase your work to +2000 attendees.

Other speakers joining this year

Inbar Raz

Security Architect Argus Cyber Security

SPEAKER INTERVIEW AVAILABLE

Milan Gabor

CEO Viris

Maksim Iavich

Professor, Head of cyber security direction at Caucasus University, President Scientific Cyber Security Association (SCSA)

SPEAKER INTERVIEW AVAILABLE

Ready for this year's presentations?

By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.

0
SPEAKERS
0
COUNTRIES
0
ATTENDEES
0
HACKING
COMPETITIONS
0
COMPANIES

Sponsors & Partners

They help us make this conference possible.

POWERED BY

As an infrastructure operator, technology integrator and IT&C services provider, Orange Business Services supports businesses and public entities in their digital transformation. Collect, transport, protect, store and process and analyze: they orchestrate every phase of the data journey, for your business to create even more value.

WWW.ORANGE.RO

PLATINUM PARTNERS

Ixia provides testing, visibility, security solutions, network testing tools and virtual network security solutions to strengthen applications across physical and virtual networks.

WWW.IXIACOM.COM

Secureworks provides threat intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

WWW.SECUREWORKS.COM

GOLD PARTNERS
SILVER PARTNERS
GAMING PARTNERS
VIP & SPEAKER LOUNGE PARTNER
BRONZE PARTNERS
COMMUNITY & MEDIA PARTNERS