Author: John Bambenek
The cat-and-mouse game between malware researchers and malware operators has been going on for years. The defense community is getting faster at responding to growing threats and taking down command and control centers of malware operators before they cause too much damage. Meanwhile, “bad guys” are building multitier redundant architectures utilizing P2P networks, Tor, and domain generation algorithms (DGA) to improve availability of supporting infrastructure against take-down operations. This report will cover the research of both American and Russian analysts into the use of such techniques and what can be learned about the adversaries who use them. Additionally, the speaker will introduce a new tool that helps researchers dig into DGAs.
Exploiting Redundancy Properties of Malicious Infrastructure for Incident Detection
1. Exploiting Redundancy Properties of
Malicious Infrastructure
John Bambenek, Manager of Threat Systems
Fidelis Cybersecurity
PHDays 6 – Moscow, Russia
44. Questions & Thank You!
Find more of our research at: www.threatgeek.com
John Bambenek / john.bambenek@fidelissecurity.com
Thanks to Vladimir Kropotov, Fyodor Yarochkin, Kevin
Breen and Tim Leedy for their research and contributions
to these efforts.