Botconf Author Listing

Daniel Goldberg


Last known affiliation: Guardicore

Date: 2019-12-04
Insights and Trends in the Data-Center Security Landscape
Daniel Goldberg 🗣 | Ophir Harpaz 🗣

Abstract (click to view)

We deployed a large collection of high-interaction deception servers deployed in multiple cloud environments worldwide. Each such deception machine is capable of capturing and recording attacks on various services. This infrastructure provides us with a tremendous amount of data; With this infrastructure, we get to see where attacks originate from, what machines they connect-back to, the ports and services attackers attempt to breach, the processes they initiate – and many more. Using this unique and comprehensive dataset, we explore attack patterns and model the behavior of the attackers.

In this talk, we will guide the audience through our analysis and present some interesting findings. For example, do attackers really change behavior after new vulnerabilities are disclosed? What is the lifetime of an attack machine or a command-and-control server? Do attackers bother staying persistent on victim machines? Using our results, we will provide a clearer picture of today’s data-center-oriented Cyber attacks.

Slides Icon
PDF
Scroll to Top