Title:
The Nepenthes Platform: Automated Botnet Detection and Mitigation
Author:
Slides:
Talk abstract:
With the Nepenthes Platform, we are able to collect malware autonomously. Centrally collecting this malware over months yielded a vast, unmanageable, giant heap of binary data.
We show how we managed to eventually do something useful with this data by extracting different information using sandboxing, recording of attacker information, and botnet monitoring, and we introduce the functionality of the tools we developed for these purposes.
Speaker's short CV:
Georg Wicherski works in the fields of botnet tracking and mitigation, malware analysis and network engineering.
He co-authored the Honeynet Project's paper "Know Your Enemy: Tracking Botnets" and two papers submitted to ESORICS and DFN-Cert Workshop. He also published his paper "Medium Interaction Honeypots" on the Internet. Additionally, he presented at Blackhat Asia 2006 and the 23C3. His fields of interest besides malware and botnets include robotics engineering and programming as well as wireless appliances. He is the author of the mwcollectd medium-interaction honeypot and a nepenthes developer. He founded and now leads the mwcollect Alliance, a non-profit organization aiming at collecting malware, with now over 25000 unique in-the-wild samples.
Related talks: