Botconf 2019

Suricata for bot hunting and classification

Botconf 2019 | Tuesday | 14:00 – 17:30
Speaker: Tatyana Shishkova

One of the distinguishing features of botnets is communication between the bot and the C&C server. Analyzing network traffic is a part of researching a botnet. Suricata, an open-source network threat detection engine, is a powerful tool not only


DeStroid – Fighting String Encryption in Android Malware

Botconf 2019 | Wednesday | 10:45 – 11:15
Speakers: Daniel Baier, Martin Lambertz

In this paper we present DeStroid, an approach to fully automatically decrypt obfuscated strings from Android apps. We focus in particular on current Android malware using advanced string encryption techniques and show that DeStroid outperforms


Unrevealing the Architecture Behind the Counter-Strike 1.6 Botnet: Zero-Days and Trojans

Botconf 2019 | Wednesday | 12:05 – 12:35
Speakers: Ivan Korolev, Igor Zdobnov

The Belonard Botnet was designed to promote servers in Counter-Strike 1.6. In order to achieve that, the botmaster employed the Belonard Trojan, which was spread via malicious game server; an infected pirated


An Android Botnet Analysis – Shaoye Botnet

Botconf 2019 | Wednesday | 14:55 – 15:35
Speakers: Min-Chun Tsai, Jen-Ho Hsiao, Ding-You Hsiao

The action of Shaoye botnet started from June 2017. The peak of attacks was seen in January 2018. TWNCERT (Taiwan National Computer Emergency Response Team) received the intelligence about a DNS hijack from Japan


Tracking botnets with Long Term Sandboxing

Botconf 2019 | Wednesday | 16:05 – 16:45
Speakers: Piotr Białczak, Adrian Korczak

Sandbox systems have become an efficient way to analyze malware behavior. They can provide information about malware in a quick and automatic manner. However their analysis time is usually limited only to a couple of minutes, thus


Insights and Trends in the Data-Center Security Landscape

Botconf 2019 | Wednesday | 16:50 – 17:30
Speakers: Daniel Goldberg, Ophir Harpaz

We deployed a large collection of high-interaction deception servers deployed in multiple cloud environments worldwide. Each such deception machine is capable of capturing and recording attacks on various services. This infrastructure provides us with a

