Sophos talks viruses at MIT

Filed Under: Malware

Dear Diary,

Yesterday I lectured at MIT. (How cool is that?)

Two weeks ago, at the RSA 2009 conference in San Francisco, I had the great honour of meeting Prof. Ron Rivest (he's the 'R' in RSA), who sat in on one of the presentations I gave on Sophos's stand.

To my delight he invited me to give an extended version of the presentation - a demonstration of a Live Malware Attack - to the students in his Computer and Network Security course at MIT's Computer Science and Artifical Intelligence Laboratory (CSAIL).

The lecture took place in the famous (or infamous, to some critics) Stata Center at MIT in Cambridge, Massachussets. This wacky but delightful building, which opened in 2004, stands on the site of MIT's famous Building 20. During the Second World War, Building 20 housed the deliberately-misnamed MIT Radiation Laboratory, dedicated to research and development in radar. So visiting this site was something of a pilgrimage, rather like going to Bletchley Park in the UK.

Stata Center at MIT

During the lecture we looked at some of the techniques useful in modern malware research: how to use emulation and virtualisation to create a safe but realistic environment for playing with real malware; how to simulate the internet in order to persuade malware to work even though it isn't actually on-line; and (most importantly of all for cash-strapped students) how to do this using free tools.

Dodgy iFrame explained by Paul Ducklin of Sophos

Highly rewarding for me, as the lecturer, was the interactive style which I gather is favoured by CSAIL students, who regularly but respectfully interrupt with pertinent questions and observations, without ever becoming intrusive or disruptive.

Best of all, however, was the lecture theatre - in MIT-speak, room 32G-449 - which resembles some sort of avant-garde cathedral, with tilted walls and wall panels which give the room a curious, though not actually off-putting, list to starboard.

Duck reflects on MIT

My thanks to Prof. Rivest for the invitation to speak, and to all the students who stuck with me patiently until the end of the lecture. I enjoyed myself tremendously; I hope you did too. If ever I am invited back, you can be sure I'll make every effort to come - but next time I'm bringing a bag of ball bearings to check if that seminar room floor really *is* level.

, ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog