Botconf Author Listing

Hen Tzaban


Last known affiliation: Akamai Technologies
Bio: Hen Tzaban is a Senior Data Scientist at Akamai Technologies. Her main research focus is User and Entity Behavior Analytics (UEBA) in large-scale traffic data. Her research involves designing and developing ML models that model the behavior of users and devices on corporate networks, identify abnormal behavior, and decide whether it has security implications. She holds a B.Sc. in Communication Systems Engineering and an M.Sc. in Software and Information Systems Engineering from BGU, where her research focused on leveraging semi-supervised techniques for noisy-label scenarios.
Date: 2022-04-29
Detecting and Disrupting Compromised Devices based on Their Communication Patterns to Legitimate Web Services
Yael Daihes 🗣 | Hen Tzaban 🗣

Abstract

Data breaches of enterprises have been one of the most destructive and prominent security threats that enterprises have been facing in recent years. Some well-known APT groups as well as cybercriminals leverage legitimate web services such as GitHub, Twitter, Google Storage, and many more, in order to achieve their attack goals and breach an enterprise. Even supply chain attacks include the usage of the same original legitimate web service, just in a malicious manner.
To defend against such attacks, many network mechanisms rely on signatures to block outgoing communication from enterprise devices to malicious destinations. But what happens when you can't simply block that destination? You're not going to block all outgoing communication to GitHub, are you?
We suggest applying UEBA (User and Entity Behavior Analytics) to detect such malicious botnet activity and using other mitigation options, such as monitoring or blocking specific sessions or devices.
