Last known affiliation: Cyber Security
Bio: Solomon Sonya is the Director of Cyber Security Exploitation Training at a large security organization. He has a background in software development, malware analysis, covert channels, steganography, distributed computing, computer hacking, information protection paradigms, and cyber warfare. He received his undergraduate degree in Computer Science, holds Master’s degrees in Computer Science and Information System Engineering, and was an Assistant Professor of Computer Science prior to his current position. Solomon’s current research includes computer system exploitation, cyber threat intelligence, digital forensics, and data protection.
Solomon Sonya 🗣
Abstract
Malware continues to advance in sophistication and prevalence. Well-engineered malware can obfuscate itself from the user, network, and even the operating system running host-based security applications. But one place malware cannot easily hide itself is within volatile computer memory (RAM). Although an essential part of detection engineering and exploit development, memory analysis is not trivial to master. Additionally, inefficiencies exist within the current approach to conducting memory analysis, resulting in greater consumption of time and resources while reducing analysis accuracy.
This workshop solves this problem by delivering a new tool that provides advanced memory analysis and releases a new construct that revolutionizes memory forensics. Additionally, this tool provides new correlation algorithms, user interaction, and plugin aggregation to enhance analysis, increase accuracy, and completely automate the process for you, saving hours of analysis time. Lastly, this tool provides a true snapshot analysis, providing a better mechanism to discover and extract indicators of compromise during malware analysis. Exploit developers, reverse engineers, digital forensics experts, and incident responders will walk away with a new toolkit that will revolutionize the way we perform memory forensics at the conclusion of this workshop.