Botconf presentation or article

Malware Instrumentation: Application to Regin Analysis

Botconf 2015 Thursday | 14:40 – 15:30 | Matthieu Kaczmarek

The complexity of the Regin malware underlines the importance of reverse engineering in modern incident response. The present study shows that such complexity can be overcome: substantial information about adversary tactics, techniques and procedures is obtained from reverse engineering. […]


Practical Experiences of Building an IPFIX Based Open Source Botnet Detector

Botconf 2015 Thursday | 16:00 – 16:40 | Mark Graham, Adrian Winckles, Erika Sanchez

The academic study of flow-based malware detection has primarily focused on NetFlow v5 and v9. In 2013 IPFIX was ratified as the flow export standard. As part of a larger


Automatically classifying unknown bots by the register messages

Botconf 2015 Thursday | 17:00 – 17:30 | Ya Liu, Bing Song

The ever-increasing number of malware/botnet samples demands an efficient and scalable classification solution for better detection and prevention. C&C protocol based classification has proved to be effective and accurate. However, it’s not trivial to acquire new

