Spatial Statistics as a Metric for Detecting Botnet C2 Servers Botconf 2013 Thursday | 14:40 – 15:40 Etienne Stalmans 🗣 | Barry Irwin Botnets consist of thousands of hosts infected with malware. As these hosts are widely dispersed and usually not physically accessible to botnet owners, a means to communicate with these hosts is needed. Using Command […]
Spatial Statistics as a Metric for Detecting Botnet C2 Servers Read More »
The Home and CDorked campaigns : Widespread Malicious Modification of Webservers for Mass Malware Distribution Botconf 2013 Thursday | 16:10 – 17:10 Sébastien Duquette 🗣 In recent years, exploit packs have become an increasingly popular tool for the distribution of malware. An advantage of those packs is that it does not require cooperation on the
Malware Calling Botconf 2013 Thursday | 17:10 – 17:30 Maciej Kotowicz 🗣 | Tomasz Bukowski | Łukasz Siewierski Zitmo (ZeuS in the MObile) is a mutation of ZeuS that appeared for the first time in early 2011, targeting bank customers in Poland and Spain, infecting unknown numbers of users. Zitmo consists of two parts: spyware installed od PC and
Disass Botconf 2013 Thursday | 17:30 – 17:50 Ivan Fontarensky 🗣 Disass is a binary analysis framework written in Python to automate static malware reverse engineering. Currently Disass is not designed to handle packed binary as static unpacking is a pretty tough task on its own. The approach is simple : it’s stupid to repeat
Efficient Program Exploration by Input Fuzzing Botconf 2013 Thursday | 17:50 – 18:10 Thanh Dinh Ta 🗣 | Jean-Yves Marion 🗣 | Guillaume Bonfante 🗣 One of the issues of a malware detection service is to update its database. For that, an analysis of new samples must be performed. Usually, one tries to replay the behavior of malware in
Efficient Program Exploration by Input Fuzzing Read More »
The power of a team work – Management of Dissecting a Fast Flux Botnet, OP-Kelihos “Unleashed” Botconf 2013 Thursday | 18:10 – 18:30 Hendrik Adrian 🗣 | Dhia Mahjoub 🗣 “Facing a come-back Fast Flux (HLUX) botnet like Kelihos (Khelios) which was previously announced to be shutdown by big entities is not an easy task that can
Perdix: a framework for realtime behavioral evaluation of security threats in cloud computing environment Botconf 2013 Friday | 09:00 – 09:30 Julien Lavesque 🗣 | Hervé Luga | Meriam Mahjoub | Sébastien Aucouturier | Christophe Bisière | Jean-Nicolas Piotrowski Edit PDF Video
Participatory Honeypots: A Paradigm Shift in the Fight Against Mobile Botnets Botconf 2013 Friday | 09:30 – 10:00 Pasquale Stirparo 🗣 | Laurent Beslay 🗣 Due to the substantially different ecosystem we have to deal with when it comes to mobile security, it makes it harder to detect and react to malware attacks if using conventional techniques.
Participatory Honeypots: A Paradigm Shift in the Fight Against Mobile Botnets Read More »
My Name is Hunter, Ponmocup Hunter Botconf 2013 Friday | 10:00 – 10:50 Tom Ueltschi 🗣 In early 2011 we discovered some malware infected systems in our network. Starting from one A/V event we found several host- and network-based indicators to identify and confirm several infections within our company. A few weeks later the sinkholing
My Name is Hunter, Ponmocup Hunter Read More »
Reputation-based Life-course Trajectories of Illicit Forum Members Botconf 2013 Friday | 11:20 – 11:50 David Décary-Hétu 🗣 The Internet has become over the past fifteen years the medium of choice for people to communicate with each other. As Boase & Wellman (2002) have predicted, we are now firmly in the era of networked individualism where
Reputation-based Life-course Trajectories of Illicit Forum Members Read More »