BladeRunner: Adventures in Tracking Botnets Botconf 2013 Friday | 16:30 – 17:30 Jason Jones 🗣 | Marc Eisenbarth 🗣 The problem of tracking botnets is not a new one, but still proves to be an important and fruitful research topic. We have been tracking many botnets for years using an internally built tracking system, which has undergone […]
BladeRunner: Adventures in Tracking Botnets Read More »
The hunter becomes the hunted – analyzing network traffic to track down botnets Botconf 2013 Friday | 17:30 – 18:00 Thomas Chopitea 🗣 Since their first signs of existence in the early 2000’s, botnets have been a subject of interest for information security researchers. Considering the technological advancements in the latest releases of most common
The hunter becomes the hunted – analyzing network traffic to track down botnets Read More »
Spatial Statistics as a Metric for Detecting Botnet C2 Servers Botconf 2013 Thursday | 14:40 – 15:40 Etienne Stalmans 🗣 | Barry Irwin Botnets consist of thousands of hosts infected with malware. As these hosts are widely dispersed and usually not physically accessible to botnet owners, a means to communicate with these hosts is needed. Using Command
Spatial Statistics as a Metric for Detecting Botnet C2 Servers Read More »
The Home and CDorked campaigns : Widespread Malicious Modification of Webservers for Mass Malware Distribution Botconf 2013 Thursday | 16:10 – 17:10 Sébastien Duquette 🗣 In recent years, exploit packs have become an increasingly popular tool for the distribution of malware. An advantage of those packs is that it does not require cooperation on the
Malware Calling Botconf 2013 Thursday | 17:10 – 17:30 Maciej Kotowicz 🗣 | Tomasz Bukowski | Łukasz Siewierski Zitmo (ZeuS in the MObile) is a mutation of ZeuS that appeared for the first time in early 2011, targeting bank customers in Poland and Spain, infecting unknown numbers of users. Zitmo consists of two parts: spyware installed od PC and
Disass Botconf 2013 Thursday | 17:30 – 17:50 Ivan Fontarensky 🗣 Disass is a binary analysis framework written in Python to automate static malware reverse engineering. Currently Disass is not designed to handle packed binary as static unpacking is a pretty tough task on its own. The approach is simple : it’s stupid to repeat
Efficient Program Exploration by Input Fuzzing Botconf 2013 Thursday | 17:50 – 18:10 Thanh Dinh Ta 🗣 | Jean-Yves Marion 🗣 | Guillaume Bonfante 🗣 One of the issues of a malware detection service is to update its database. For that, an analysis of new samples must be performed. Usually, one tries to replay the behavior of malware in
Efficient Program Exploration by Input Fuzzing Read More »
The power of a team work – Management of Dissecting a Fast Flux Botnet, OP-Kelihos “Unleashed” Botconf 2013 Thursday | 18:10 – 18:30 Hendrik Adrian 🗣 | Dhia Mahjoub 🗣 “Facing a come-back Fast Flux (HLUX) botnet like Kelihos (Khelios) which was previously announced to be shutdown by big entities is not an easy task that can
Perdix: a framework for realtime behavioral evaluation of security threats in cloud computing environment Botconf 2013 Friday | 09:00 – 09:30 Julien Lavesque 🗣 | Hervé Luga | Meriam Mahjoub | Sébastien Aucouturier | Christophe Bisière | Jean-Nicolas Piotrowski Edit PDF Video
Participatory Honeypots: A Paradigm Shift in the Fight Against Mobile Botnets Botconf 2013 Friday | 09:30 – 10:00 Pasquale Stirparo 🗣 | Laurent Beslay 🗣 Due to the substantially different ecosystem we have to deal with when it comes to mobile security, it makes it harder to detect and react to malware attacks if using conventional techniques.
Participatory Honeypots: A Paradigm Shift in the Fight Against Mobile Botnets Read More »