Botconf 2017 talks

Tuesday December 5th 2017

14:00-18:00
Workshop 1
Botnet Tracking and Data Analysis Using Open-Source Tools
Olivier Bilodeau; Masarah Paquet-Clouston
14:00-18:00
Workshop 2
Cyber Threat Intel & Incident Response with TheHive, Cortex & MISP
Saâd Kadhi; Jérôme Léonard; Raphaël Vinot
14:00-18:00
Workshop 3
Python and Machine Learning: How to Clusterize a Malware Dataset
Sébastien Larinier

Wednesday December 6th 2017

10:30-11:10
Keynote
How to Compute the Clusterization of a Very Large Dataset of Malware with Open Source Tools for Fun & Profit?
Robert Erra; Sébastien Larinier; Alexandre Letois; Marwan Burelle
11:10-11:40 Get Rich or Die Trying
Mark Lechtik; Or Eshed
11:40-12:10 Exploring a P2P Transient Botnet — From Discovery to Enumeration
Renato Marinho; Raimir Holanda
12:10-13:00 RetDec: An Open-Source Machine-Code Decompiler
Jakub Křoustek; Peter Matula; Petr Zemek
RetDec
14:15-14:55 A Silver Path: Ideas for Improving Lawful Sharing of Botnet Evidence with Law Enforcement
Karine e Silva
14:55-15:45 Use Your Enemies: Tracking Botnets with Bots
Jarosław Jedynak; Paweł Srokosz
15:45-16:15 SOCKs as a Service, Botnet Discovery
Christopher Baker; Allison Nixon; Chad Seaman
16:45-17:15 Automation Of Internet-Of-Things Botnets Takedown By An ISP
Sébastien Mériot
17:15-18:05 The New Era of Android Banking Botnets
Pedro Drimel Neto
18:05-18:45 Hunting Down Gooligan
Elie Bursztein; Oren Koriat

Thursday December 7th 2017

09:30-09:50 KNIGHTCRAWLER, « Discovering Watering-holes for Fun, Nothing. »
Félix Aimé
09:50-10:20 The (makes me) Wannacry Investigation
Alan Neville
10:20-10:50 Malware Uncertainty Principle: an Alteration of Malware Behavior by Close Observation
Maria Jose Erquiaga; Sebastián García; Carlos Garcia Garino
11:10-11:50 Knock Knock… Who’s there? admin admin, Get In! An Overview of the CMS Brute-Forcing Malware Landscape
Anna Shirokova; Veronica Valeros
11:50-12:30 Automation Attacks at Scale
Will Glazier; Mayank Dhiman
12:30-13:00 The Good, the Bad, the Ugly: Handling the Lazarus Incident in Poland
Maciej Kotowicz
14:00-15:00 Malpedia: A Collaborative Effort to Inventorize the Malware Landscape
Daniel Plohmann; Martin Clauß; Steffen Enders; Elmar Padilla
Malpedia
15:00-15:30 YANT - Yet Another Nymaim Talk
Sebastian Eschweiler
16:00-16:30 Augmented Intelligence to Scale Humans Fighting Botnets
Yuriy Yuzifovich; Hongliang Liu; Alexey Sarychev; Amir Asiaee
16:30-17:30 Stantinko: a Massive Adware Campaign Operating Covertly since 2012
Matthieu Faou; Frédéric Vachon
17:30-18:30 Lightning talks
Onyphe – Samba Exposure, Patrice Auffret
You Shall be Named!, Asaf Nadler
Dropper Analysis, Gaël Muller
DEFT Linux #weareback!, Giovanni Rattaro
Sysmon FTW!, Tom Ueltschi
PyOnyphe Client Library, Sébastien Larinier
Autopwn, Benoît Ancel
Just a normal phishing, Peter Wälti
Context enrichment in IR, Antoine Méric
Yet another sandbox evasion, 0xMitsurugi
Sysmon Sigs for Linux Honeypots, Olivier Bilodeau
Malware Config Dynamic Extraction, Paul Daher
IDA APPCALL, Jonathan Thieuleux
KNIGHTCRAWLER DEMO, Félix Aimé

Friday December 8th 2017

09:40-10:10 Formatting for Justice: Crime Doesn’t Pay, Neither Does Rich Text
Anthony Kasza
10:10-10:40 PWS, Common, Ugly but Effective
Paul Jung
11:10-11:50 Nyetya Malware & MeDoc Connection
Paul Rascagnères; David Maynor
11:50-12:30 Math + GPU + DNS = Cracking Locky Seeds in Real Time without Analyzing Samples
Hongliang Liu; Alexey Sarychev; Yohai Einav
12:30-13:00 Hunting Attacker Activities — Methods for Discovering, Detecting Lateral Movements
Shusei Tomonaga; Keisuke Muda
14:00-14:30 Malware, Penny Stocks, Pharma Spam — Necurs Delivers
Jaeson Schultz; Warren Mercer; Edmund Brumaghin; Nick Biasini
14:30-15:10 Thinking Outside of the (Sand)box
Łukasz Siewierski
15:10-16:00 Advanced Threat Hunting
Robert Simmons