AusCERT2015


John Bambenek

John Bambenek is a manager of threat systems at Fidelis Cybersecurity and an incident handler with the Internet Storm Center. He has been engaged in security for 17 years researching security threats. He is a published author of several articles. He has participated in many incident investigations spanning the globe. He speaks at conferences around the world and runs several private intelligence groups focusing on takedowns and disruption of criminal entities.

Twitter: @bambenek

Presentation Title
Data Mining Malware: Using Historical Information for Current Investigations
Abstract

According to VirusTotal, it sees almost 500,000 unique malware samples every day. That doesn't include all the malware VirusTotal doesn't see. The sheer deluge of unique malware samples makes it difficult for incident responders to keep up and protect their networks. Even more difficult is the task for investigators and law enforcement of keeping up with the size and number of command-and-control networks and criminal operations.

The size and scope of malware may seem daunting, but these repositories can be mined for intelligence in a programmatic way to build not only threat intelligence feeds for current threats, but a historical encyclopedia for attacks seen in previous months and years. The ability to correlate attacks and malicious infrastructure historically has opened up new methods to attribute attackers and to support long-term disruptive activity. 

This talk will discuss how a massive historical intelligence database can be used to correlate historical attacks and what possibilities this kind of analysis holds. The audience will come away knowing how to build a system of their own, what open source tools and repositories are available for defenders, and the basics of how to apply threat intelligence techniques to automated threat data collection of this type.
