Nothing but Net: Leveraging macOS's Networking Frameworks to Heuristically Detect Malware

Learn to detect malware using macOS network frameworks and techniques, plus prolonging performance and compatibility.

Key takeaways
  • Nothing but Net: Leveraging macOS’s Networking Frameworks to Heuristically Detect Malware
  • Apple’s private plugins are still a grey area in terms of legitimate or malicious
  • Focuses on host-based network monitoring as opposed to signature-based or behavioral detection
  • Use of DNS monitor to detect malware
  • BlockBlock tool is used to block connection to command and control server
  • Use of network statistics framework to detect suspicious network activity
  • importance of identifying responsible process
  • Observing network events to detect malware
  • Performance and dependencies
  • Solve the problem of observers and detectors
  • To classify processes or backward compatibility
  • Some challenges and compromises are already facing
  • There are many ways to approach this process.

More talks

Indispensable Principles of Crafting Complex Interfaces by Dean Schuster

Christopher "Vjeux" Chedeau - How to Succeed at Open Source - React Miami 2024

Open Models: The Secret Weapon for Next-Generation Software by Remigiusz Samborski

Unlock insights into cybersecurity and bad bot activity with tech experts

The State of Server Side Java Webapps by Maarten Mulders

RustConf 2023 - Fine! I'll just make my own stable ABI!

Voxxed Days Ioannina 2024 - Magic of Automation and Everyday Chores

Let’s use IntelliJ as a game engine, just because we can by Alexander Chatzizacharias