Presenter: Nate Balmain
Room: Ballroom, EMU 244, Level 2
Presentation: Hidden in plain sight: How adversaries hide their malicious content online
Time: 11:15a – 11:45a

Malicious content exists on the internet. We see it on the news all the time, “The Oregon DMV was the victim of a data breach, Former employee of technology company arrested for stealing confidential information, etc.” This content can take the shape of personal information, malicious programs, or illicit images. This begs the question: how are adversaries hosting this malicious content online and how are they not getting caught?

This presentation will attempt to answer these questions by focusing on the key metrics of reachability (how many users this content could reach), detectability (how easy or difficult it is to find the obscured content), and security (how secure the content is) by providing a demonstration of specific techniques employed by adversaries to host their malicious content online. In addition, this presentation also examines potential exploits they can perform such as drive-by-downloads and targeted phishing as well as the steps that can be taken to prevent becoming a victim of these attacks.