Botconf presentation or article

DNS Resolution Traffic Analysis Applied to Bot Detection

Botconf 2013 Friday | 14:40 – 15:20 Ronan Mouchoux 🗣

This presentation aims to explain how MalwareTrap works. MalwareTrap is a DNS resolution traffic analysis platform deployed in a major French company’s network. It was created to complement internal anti-malware protections. It constantly listens to the internal DNS resolution […]


Exploit Krawler: New Weapon againt Exploits Kits

Botconf 2013 Friday | 15:20 – 16:00 Sébastien Larinier 🗣 | Guillaume Arcas 🗣

Exploit Krawler is a device that will allow us to grab the tools from miscellaneous exploit kits (Java applets, PDF...) in order to make their analysis easier. These exploit kits are more and more numerous on the Internet


The hunter becomes the hunted – analyzing network traffic to track down botnets

Botconf 2013 Friday | 17:30 – 18:00 Thomas Chopitea 🗣

Since their first signs of existence in the early 2000’s, botnets have been a subject of interest for information security researchers. Considering the technological advancements in the latest releases of most common


Spatial Statistics as a Metric for Detecting Botnet C2 Servers

Botconf 2013 Thursday | 14:40 – 15:40 Etienne Stalmans 🗣 | Barry Irwin

Botnets consist of thousands of hosts infected with malware. As these hosts are widely dispersed and usually not physically accessible to botnet owners, a means to communicate with these hosts is needed. Using Command


The Home and CDorked campaigns : Widespread Malicious Modification of Webservers for Mass Malware Distribution

Botconf 2013 Thursday | 16:10 – 17:10 Sébastien Duquette 🗣

In recent years, exploit packs have become an increasingly popular tool for the distribution of malware. An advantage of those packs is that it does not require cooperation on the


Disass

Botconf 2013 Thursday | 17:30 – 17:50 Ivan Fontarensky 🗣

Disass is a binary analysis framework written in Python to automate static malware reverse engineering. Currently Disass is not designed to handle packed binaries, as static unpacking is a pretty tough task on its own. The approach is simple: it’s stupid to repeat


Efficient Program Exploration by Input Fuzzing

Botconf 2013 Thursday | 17:50 – 18:10 Thanh Dinh Ta 🗣 | Jean-Yves Marion 🗣 | Guillaume Bonfante 🗣

One of the issues of a malware detection service is to update its database. For that, an analysis of new samples must be performed. Usually, one tries to replay the behavior of malware in


The power of a team work – Management of Dissecting a Fast Flux Botnet, OP-Kelihos “Unleashed”

Botconf 2013 Thursday | 18:10 – 18:30 Hendrik Adrian 🗣 | Dhia Mahjoub 🗣

“Facing a come-back Fast Flux (HLUX) botnet like Kelihos (Khelios) which was previously announced to be shut down by big entities is not an easy task that can

