Name
D4. Tracking Botnets Using Machine Learning and Automated Verification
Date & Time
Wednesday, May 10, 2017, 3:15 PM - 4:15 PM
Thomas Boatwright, Jeffrey Bickford
Description
Most state-of-the-art botnet tracking techniques today rely on the use of honeypots, malware analysis, and Internet-wide scanning to detect botnets and malware infections. Though these approaches work, malware authors continuously find ways to avoid detection. In this talk, we will discuss the approach Level 3 Threat Research Labs uses to track botnets, which takes advantage of something they cannot avoid: their own network communication. As a case study of this approach, we will describe how recent DDoS botnets have wreaked havoc across the Internet and how we observed the highly popular botnet family Mirai evolve over time.
 
 
Location Name
Room 709/711
Full Address
Colorado Convention Center
700 14th Street
Denver, CO 80202
United States
Category
Emerging Trends
Learner Objectives
After completing this session, the learner will:
  • Learn about modern DDoS botnets and how they work
  • Learn how Level 3 Threat Research Labs tracks botnets to protect our network, customers, and the Internet at large
  • Learn the details of how we tracked the evolution of a popular family of DDoS botnets called Mirai and how we helped mitigate some of its effects across the Internet
  • Learn how your organization can use similar analytics to protect itself from constantly evolving threats
 
Speaker Bio(s)
Tom Boatwright is a senior data scientist in the Level 3 Threat Research Labs. Prior to joining Level 3, Tom worked in the semiconductor industry finding defects in silicon chips.
 
Jeffrey Bickford is a member of the Level 3 Threat Research Lab where he helps investigate real-world cyber threats. Prior to joining Level 3, Jeff was a member of the AT&T Security Research Center where he worked on various projects related to mobile, cloud, and enterprise security.
 