A General-purpose Laboratory for Large-scale Botnet Experiments
1 A General-purpose Laboratory for Large-scale Botnet Experiments
Thomas Barabosch, Sebastian Eschweiler, Mohammad Qasem, Daniel Panteleit, Daniel Plohmann and Elmar Gerhards-Padilla
Cyber Defense, Fraunhofer FKIE
5 Botnet Analysis Approaches
- Mathematical modelling
- Stochastic simulation
- Real-world data analysis
- In-laboratory emulation
6 Reasons for us to design a new laboratory
- Previous work already exists, e.g. the DETER or SecSI/LHS labs
- Need for our own laboratory due to confidentiality requirements
- Complementary analysis to our in-house reverse engineering process
- Long-term goal: improving the state of the art
7 Design of our Botnet Analysis Laboratory
8 Design Criteria
Design criteria based on Calvet et al., "Isolated virtualised clusters: testbeds for high-risk security experimentation and training":
- Security
- Scale
- Realism
- Flexibility
- Sterilizability
9 Architectural key aspects
- Realistic simulation of selected parts of the Internet
- Total isolation of the laboratory
- Total observability within the laboratory
14 Network nodes: Virtualization
15 Network topology
17 Experiment control
18 Usability
19 Security
20 Sensor infrastructure
24 Using our Botnet Analysis Laboratory
25 Setting up an experiment: infrastructure
- Select a network template and VM templates
- The experimenter can also provide his own templates
- In case additional infrastructure is needed: provide the entities and adjust DNS
26 Setting up an experiment: information gathering
- Network-based sensors: choose the routers that should capture network traffic; easy adjustment using BPF syntax
- Host-based sensors: choose/add plugins to the Agent
27 Setting up an experiment: roll out
Once properly configured: roll it out!
Initial setup time: 32 VMs ~ 50 minutes; 512 VMs ~ 7 hours
29 CASE STUDY: CITADEL
30 What is Citadel? A banking trojan derived from Zeus
31 Communication with C&C server (diagram: 1 the Citadel bot resolves the C&C domain via DNS, 2 the bot contacts the C&C server, 3 the C&C server replies)
32 Countermeasure: Takedown via domain replacement
The DNS entry for citadel-cnc.com is replaced so that it points to a sinkhole; when the Citadel bot asks "What shall I do?", it receives a benign action.
33 EXPERIMENTS WITH CITADEL
34 Network infrastructure of the experiment
35 SETTING UP A BOTNET
37 Architectural key aspects
- Realistic simulation of selected parts of the Internet
- Total isolation of the laboratory: secure analysis of malware
- Total observability within the laboratory: secure testing of countermeasures
38 BOTNET TAKEDOWN
39 Countermeasure: Takedown via domain replacement
The malicious DNS entry for citadel-cnc.com is replaced by a benign DNS entry (pointing at the sinkhole) at a certain point in time.
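The bot/C&C exchange of slides 31-32 and the timed domain replacement of slide 39, as an added simulation that is not code from the FKIE laboratory or from Citadel itself. It models the lab's own DNS answering for the C&C domain, a bot that resolves the name and asks the reached host for work, and a sinkhole that records check-ins and hands out only a benign action. The domain citadel-cnc.com is the one on the slides; the IP addresses, the task name "download_webinjects", the tick-based clock and all class and function names are constructed for this example.

```python
"""Simulated DNS-based takedown of a Citadel-style botnet (constructed example).

Inside the closed lab the experimenter controls DNS, so a takedown is
just a record swap: from tick `takedown_at` on, the C&C name resolves
to the sinkhole and every bot that checks in afterwards gets nothing
to do. All addresses and commands below are made up for the example.
"""
from dataclasses import dataclass, field

CNC_DOMAIN = "citadel-cnc.com"      # domain shown on the slides
CNC_IP = "10.10.0.5"                # constructed lab address of the C&C server
SINKHOLE_IP = "10.10.0.99"          # constructed lab address of the sinkhole


class LabDNS:
    """Authoritative resolver for the isolated lab.

    The zone is a plain dict; schedule_replacement() is the takedown:
    from `at_tick` on, `name` resolves to `new_ip` instead of the zone entry.
    """

    def __init__(self):
        self.zone = {CNC_DOMAIN: CNC_IP}
        self.replacements = {}          # name -> (tick, new_ip)

    def schedule_replacement(self, name, at_tick, new_ip):
        self.replacements[name] = (at_tick, new_ip)

    def resolve(self, name, tick):
        if name in self.replacements:
            at_tick, new_ip = self.replacements[name]
            if tick >= at_tick:
                return new_ip
        return self.zone[name]


class CnCServer:
    """The attacker's server: answers every check-in with a malicious task."""
    ip = CNC_IP

    def handle(self, bot_id, tick):
        return "download_webinjects"    # constructed task name


@dataclass
class Sinkhole:
    """Benign replacement for the C&C server.

    It accepts the same check-in but only records who connected, so the
    experimenter can count infected hosts; the bot receives no work.
    """
    ip: str = SINKHOLE_IP
    seen: list = field(default_factory=list)

    def handle(self, bot_id, tick):
        self.seen.append((tick, bot_id))
        return "idle"                    # benign action


class Bot:
    """Minimal Citadel-like client: DNS lookup, then ask the server what to do."""

    def __init__(self, bot_id, dns, hosts):
        self.bot_id, self.dns, self.hosts = bot_id, dns, hosts

    def check_in(self, tick):
        ip = self.dns.resolve(CNC_DOMAIN, tick)        # step 1: DNS lookup
        server = self.hosts[ip]                        # step 2: contact the host
        return ip, server.handle(self.bot_id, tick)    # step 3: receive the reply


def run_experiment(n_bots=4, ticks=6, takedown_at=3):
    """Run `ticks` check-in rounds and swap the DNS record at `takedown_at`.

    Returns (log, sinkhole); log maps tick -> list of (bot_id, ip, action).
    """
    dns, cnc, sink = LabDNS(), CnCServer(), Sinkhole()
    hosts = {cnc.ip: cnc, sink.ip: sink}
    dns.schedule_replacement(CNC_DOMAIN, takedown_at, sink.ip)
    bots = [Bot(f"bot-{i}", dns, hosts) for i in range(n_bots)]
    log = {}
    for tick in range(ticks):
        log[tick] = [(b.bot_id, *b.check_in(tick)) for b in bots]
    return log, sink


if __name__ == "__main__":
    log, sink = run_experiment()
    for tick, entries in log.items():
        print(tick, entries)
    distinct = len({bot for _, bot in sink.seen})
    print("sinkhole saw", len(sink.seen), "check-ins from", distinct, "bots")
```

Because the resolver is part of the lab, the replacement is observable end to end: the router-side capture would show the DNS answer change and the check-ins move from the C&C address to the sinkhole address, which is exactly what the "total observability" requirement is meant to deliver for a countermeasure test.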
42 CONCLUSION & OUTLOOK
43 Conclusion & Outlook
Presentation of a general-purpose laboratory for large-scale botnet experiments:
- Realistic simulation of selected parts of the Internet
- Total isolation of the laboratory
- Total observability within the laboratory
Future work:
- Integration of bare-metal machines
- Automatic provisioning of basis templates
