Got a talking point for VB2024?... Why not turn it into a poster?

Poster sessions are a great way to engage with your peers, share ideas, get feedback, build connections and learn, all in an informal setting. 

Details of this year's posters

Below are some details of the VB2024 posters.

Leitold-thumb2.jpg

Malware Spread Analysis Using a Time Evolution Model

Ferenc Leitold, Óbuda University

  • Objective: The paper proposes a Time Evolution Model to analyze the spread properties of malicious samples. The model can assist in more accurately determining the propagation properties of malware, supporting the development of more effective cybersecurity defense strategies.
  • Methodology: The model tracks the time-dependent ratio of "Detected" decisions (infected) over time by different malware protections. It uses a nonlinear curve fitting method to describe how the detection ratio changes over time for a specific sample.
  • Core parameters:
    • Asymptote (α1): Indicates if a sample is malicious or not.
    • Start Time (α3): Helps classify malware as "new" or "old."
    • Slope (α1 * α2): Represents the spread speed of a malware infection.
  • Practical application: The model was tested on over 1,000 malicious samples from the AMTSO RTTL database, demonstrating how it can classify samples.
  • Use cases:
    • Prioritization of protection tasks in IT infrastructures: The Time Evolution Model helps cybersecurity teams prioritize which malware to focus on by identifying the most rapidly spreading threats.
    • Selection of relevant malware samples for testing: By analyzing the spread characteristics of different malware, the model aids in selecting the most representative samples for testing security systems.
    • Estimating trends in malware spread and behavior over time: The model enables security experts to track how malware spreads over time, allowing for better predictions of future cyber threat trends.
    • Qualification of threat intelligence feeds: The Time Evolution Model assesses the accuracy and relevance of threat intelligence feeds, helping organizations choose the most reliable sources for current malware threats.
  • Accuracy of the model: Early analysis of malware samples (closer to their appearance) yields more accurate results, particularly regarding the malware's age and spreading speed.
Valeros-thumb.jpg

Lost in Translation? Not Anymore! The Role of Fine-Tuned LLMs in Translation

Veronica Valeros, Czech Technical University in Prague

The escalation of the Russia-Ukraine war in 2022 has brought with it a large number of cyber-attacks. The war fuelled and instigated cyber-hacktivist groups to join in, which in turn influenced and sustained more cyber operations. Many cyber-hacktivist groups quickly pledged allegiance to one side or the other, generating a massive increase in cyber attacks.

Given the participation of cyber-hacktivists in the war, it has become paramount to interpret their online campaigns in a time-efficient manner in order to better understand their tactics, motivations, and alliances. A better understanding of this evolving landscape contributes to the implementation of effective countermeasures. This often involves translating communications into English for processing, interpreting, and generating timely intelligence. The problem is that translation is hard. Human translation is slow, expensive, and scarce. Machine translation is inaccurate and biased.

We fine-tuned Large Language Models (LLM) to generate translations that can accurately capture the nuances of cybercrime language. We apply our technique to public chats from the NoName057(16) Russian-speaking hacktivist group.

Our results show that our fine-tuned LLM model is better, faster, more accurate, and able to capture nuances of the language. Our method shows it is possible to achieve high-fidelity translations and significantly reduce costs by a factor ranging from 430 to 23,000 compared to a human translator.

This presentation will show the process of generating a fine-tuned model that can accurately translate from Russian to English. We will show the results of the analysis and a comparison with other common machine translation techniques such as DeepL and Google Translate. The presentation will show examples of successful and unsuccessful translations, how the fine-tuned LLM model helps, and what can be achieved with a powerful translation mechanism like the one proposed.

This tool will introduce two new tools for the community: one for the automatic collection of Telegram chats from hacktivist groups and one for the automatic translation of messages using LLMs.



What's a poster session?

In a poster session presenters stand next to posters that outline their topic in brief. Delegates can browse the posters and stop to talk to the presenters when they have questions or want more information – each presenter being ready to elaborate on their poster with a brief (less than 5 minutes) explanation.

 

What's in it for the presenters?

For presenters, a poster presentation is a great way to communicate your research or concept in a very concise format, and a great way to build connections. A poster presentation includes two elements: a poster and a very brief (less than 5 minutes) verbal explanation of the poster topic.

These are opportunities for you to talk to a small audience (maybe even one person at a time) about (almost!) anything you like – the poster is just a conversation opener and can be anything relevant in the context of the conference that you think fellow delegates would find interesting.

A poster presentation is ideal if:

  • You’re new to presenting and want a taster without having to face an entire roomful of people.
  • You have stage fright but really want to talk to your peers about your project.
  • You have an open-source project for which you're seeking like-minded contributors.
  • You have some research you want to share but it’s not far enough along for a whole presentation.
  • You have a simple tool or idea you want to share.
  • You have a gnarly engineering issue or specific question and want to brainstorm the crowd.

 

What's in it for the delegates?

For delegates, poster sessions are a great way to find out about new projects, topics, research, and meet with researchers in a quick and efficient way – building new contacts along the way.

 

 

VB Conference

VB2024 DUBLIN

PROGRAMME

POSTER SESSIONS

PARTNERS

PETER SZŐR AWARD

TERMS AND CONDITIONS

 

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.