SlideShare una empresa de Scribd logo

Live Investigation of Next Generation Botnets

Descargar como PPT, PDF
B
butest

SLINGbot is a system that enables the characterization of present and future botnet threats by allowing researchers to construct benign botnets with varying command and control structures in a controlled, safe, and repeatable manner. It facilitates the creation of simulated botnets using a composable bot framework and scenario driver to direct botnet activities. This allows researchers to generate simulated ground truth for testing botnet detection and mitigation techniques.

1 de 16
A System for Live Investigation of Next Generation Botnets Authors: Alden W. Jackson, David Lapsley, Christine Jones… CATCH 2009 Reporter: Jing Chiu Email: D9815023@mail.ntust.edu.tw Data Mining & Machine Learning Lab 04/26/10
Outlines ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Data Mining & Machine Learning Lab 04/26/10
Introduction ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Data Mining & Machine Learning Lab 04/26/10
Botnet Formation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Data Mining & Machine Learning Lab 04/26/10
C&C Feature Space ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Data Mining & Machine Learning Lab 04/26/10
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],C&C Feature Space (cont.) Data Mining & Machine Learning Lab 04/26/10
C&C Feature Space (cont.) Data Mining & Machine Learning Lab 04/26/10
[object Object],[object Object],System Architecture 04/26/10 Data Mining & Machine Learning Lab
Botnet Scenario Driver ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],04/26/10 Data Mining & Machine Learning Lab
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Composable Bot Framework 04/26/10 Data Mining & Machine Learning Lab
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Composable Bot Framework (cont.) 04/26/10 Data Mining & Machine Learning Lab
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],SLINGbog Bot Variants 04/26/10 Data Mining & Machine Learning Lab
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Summary 04/26/10 Data Mining & Machine Learning Lab
Questions? 04/26/10 Data Mining & Machine Learning Lab
04/26/10 Data Mining & Machine Learning Lab
04/26/10 Data Mining & Machine Learning Lab

Recomendados

ppt
pptppt
pptbutest
 
Reporting a single linear regression in apa
Reporting a single linear regression in apaReporting a single linear regression in apa
Reporting a single linear regression in apaKen Plummer
 
Paper(edited)
Paper(edited)Paper(edited)
Paper(edited)killswitch4
 
Extending LabVIEW to the Web Using the LabSocket System
Extending LabVIEW to the Web Using the LabSocket SystemExtending LabVIEW to the Web Using the LabSocket System
Extending LabVIEW to the Web Using the LabSocket SystemBergmans Mechatronics LLC
 
Botnet communication patterns 2
Botnet communication patterns 2Botnet communication patterns 2
Botnet communication patterns 2killswitch4
 
Io t data streaming
Io t data streamingIo t data streaming
Io t data streamingratthaslip ranokphanuwat
 
Tomcat New Evolution
Tomcat New EvolutionTomcat New Evolution
Tomcat New EvolutionAllan Huang
 
Rock Overview
Rock OverviewRock Overview
Rock OverviewSylvain Joyeux
 

Recomendados

ppt
pptppt
pptbutest
 
Reporting a single linear regression in apa
Reporting a single linear regression in apaReporting a single linear regression in apa
Reporting a single linear regression in apaKen Plummer
 
Paper(edited)
Paper(edited)Paper(edited)
Paper(edited)killswitch4
 
Extending LabVIEW to the Web Using the LabSocket System
Extending LabVIEW to the Web Using the LabSocket SystemExtending LabVIEW to the Web Using the LabSocket System
Extending LabVIEW to the Web Using the LabSocket SystemBergmans Mechatronics LLC
 
Botnet communication patterns 2
Botnet communication patterns 2Botnet communication patterns 2
Botnet communication patterns 2killswitch4
 
Io t data streaming
Io t data streamingIo t data streaming
Io t data streamingratthaslip ranokphanuwat
 
Tomcat New Evolution
Tomcat New EvolutionTomcat New Evolution
Tomcat New EvolutionAllan Huang
 
Rock Overview
Rock OverviewRock Overview
Rock OverviewSylvain Joyeux
 
Resume_052715
Resume_052715Resume_052715
Resume_052715Phu Sam
 
Guadalajara con 2012
Guadalajara con 2012Guadalajara con 2012
Guadalajara con 2012Jaime Restrepo
 
DotDotPwn v3.0 [GuadalajaraCON 2012]
DotDotPwn v3.0 [GuadalajaraCON 2012]DotDotPwn v3.0 [GuadalajaraCON 2012]
DotDotPwn v3.0 [GuadalajaraCON 2012]Websec México, S.C.
 
lorne-poster
lorne-posterlorne-poster
lorne-posterGautam Manoharan
 
Developing iPhone and iPad apps that leverage Windows Azure
Developing iPhone and iPad apps that leverage Windows AzureDeveloping iPhone and iPad apps that leverage Windows Azure
Developing iPhone and iPad apps that leverage Windows AzureSimon Guest
 
cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...
cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...
cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...SamHoney6
 
Mule ctf
Mule ctfMule ctf
Mule ctfD.Rajesh Kumar
 
Best Embedded System Training in Bangalore by myTectra
Best Embedded System Training in Bangalore by myTectraBest Embedded System Training in Bangalore by myTectra
Best Embedded System Training in Bangalore by myTectramyTectra Learning Solutions Private Ltd
 
Machine Learning Based Botnet Detection
Machine Learning Based Botnet DetectionMachine Learning Based Botnet Detection
Machine Learning Based Botnet Detectionbutest
 
ACAT08_040
ACAT08_040ACAT08_040
ACAT08_040Valeri Fine
 
Ccn aquestions jul_7_2015
Ccn aquestions jul_7_2015Ccn aquestions jul_7_2015
Ccn aquestions jul_7_2015Carlos Humberto Rivera Mera
 
Common ASP.NET Design Patterns - Telerik India DevCon 2013
Common ASP.NET Design Patterns - Telerik India DevCon 2013Common ASP.NET Design Patterns - Telerik India DevCon 2013
Common ASP.NET Design Patterns - Telerik India DevCon 2013Steven Smith
 
OMG CORBA Component Model tutorial
OMG CORBA Component Model tutorialOMG CORBA Component Model tutorial
OMG CORBA Component Model tutorialJohnny Willemsen
 
NetBrain CE 5.0
NetBrain CE 5.0NetBrain CE 5.0
NetBrain CE 5.0NetBrain Technologies
 
Wang lab introduction_1204_2018
Wang lab introduction_1204_2018Wang lab introduction_1204_2018
Wang lab introduction_1204_2018俊廷 陳
 
Forecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of ConceptForecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of ConceptOpen Data Center Alliance
 
Amost 2011 keynote
Amost 2011 keynoteAmost 2011 keynote
Amost 2011 keynoteWolfgang Grieskamp
 
Annotation-Based Spring Portlet MVC
Annotation-Based Spring Portlet MVCAnnotation-Based Spring Portlet MVC
Annotation-Based Spring Portlet MVCJohn Lewis
 
S02 hybrid app_and_gae_restful_architecture_v2.0
S02 hybrid app_and_gae_restful_architecture_v2.0S02 hybrid app_and_gae_restful_architecture_v2.0
S02 hybrid app_and_gae_restful_architecture_v2.0Sun-Jin Jang
 
StratusLab at FOSDEM'13
StratusLab at FOSDEM'13StratusLab at FOSDEM'13
StratusLab at FOSDEM'13stratuslab
 
EL MODELO DE NEGOCIO DE YOUTUBE
EL MODELO DE NEGOCIO DE YOUTUBEEL MODELO DE NEGOCIO DE YOUTUBE
EL MODELO DE NEGOCIO DE YOUTUBEbutest
 
1. MPEG I.B.P frame之不同
1. MPEG I.B.P frame之不同1. MPEG I.B.P frame之不同
1. MPEG I.B.P frame之不同butest
 

Más contenido relacionado

Similar a Live Investigation of Next Generation Botnets

Resume_052715
Resume_052715Resume_052715
Resume_052715Phu Sam
 
DotDotPwn v3.0 [GuadalajaraCON 2012]
DotDotPwn v3.0 [GuadalajaraCON 2012]DotDotPwn v3.0 [GuadalajaraCON 2012]
DotDotPwn v3.0 [GuadalajaraCON 2012]Websec México, S.C.
 
Developing iPhone and iPad apps that leverage Windows Azure
Developing iPhone and iPad apps that leverage Windows AzureDeveloping iPhone and iPad apps that leverage Windows Azure
Developing iPhone and iPad apps that leverage Windows AzureSimon Guest
 
cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...
cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...
cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...SamHoney6
 
Machine Learning Based Botnet Detection
Machine Learning Based Botnet DetectionMachine Learning Based Botnet Detection
Machine Learning Based Botnet Detectionbutest
 
Common ASP.NET Design Patterns - Telerik India DevCon 2013
Common ASP.NET Design Patterns - Telerik India DevCon 2013Common ASP.NET Design Patterns - Telerik India DevCon 2013
Common ASP.NET Design Patterns - Telerik India DevCon 2013Steven Smith
 
OMG CORBA Component Model tutorial
OMG CORBA Component Model tutorialOMG CORBA Component Model tutorial
OMG CORBA Component Model tutorialJohnny Willemsen
 
Wang lab introduction_1204_2018
Wang lab introduction_1204_2018Wang lab introduction_1204_2018
Wang lab introduction_1204_2018俊廷 陳
 
Annotation-Based Spring Portlet MVC
Annotation-Based Spring Portlet MVCAnnotation-Based Spring Portlet MVC
Annotation-Based Spring Portlet MVCJohn Lewis
 
S02 hybrid app_and_gae_restful_architecture_v2.0
S02 hybrid app_and_gae_restful_architecture_v2.0S02 hybrid app_and_gae_restful_architecture_v2.0
S02 hybrid app_and_gae_restful_architecture_v2.0Sun-Jin Jang
 
StratusLab at FOSDEM'13
StratusLab at FOSDEM'13StratusLab at FOSDEM'13
StratusLab at FOSDEM'13stratuslab
 

Similar a Live Investigation of Next Generation Botnets (20)

Resume_052715
Resume_052715Resume_052715
Resume_052715
 
Guadalajara con 2012
Guadalajara con 2012Guadalajara con 2012
Guadalajara con 2012
 
DotDotPwn v3.0 [GuadalajaraCON 2012]
DotDotPwn v3.0 [GuadalajaraCON 2012]DotDotPwn v3.0 [GuadalajaraCON 2012]
DotDotPwn v3.0 [GuadalajaraCON 2012]
 
lorne-poster
lorne-posterlorne-poster
lorne-poster
 
Developing iPhone and iPad apps that leverage Windows Azure
Developing iPhone and iPad apps that leverage Windows AzureDeveloping iPhone and iPad apps that leverage Windows Azure
Developing iPhone and iPad apps that leverage Windows Azure
 
cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...
cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...
cupdf.com_chapter-11-system-level-verification-issues-the-importance-of-verif...
 
Mule ctf
Mule ctfMule ctf
Mule ctf
 
Best Embedded System Training in Bangalore by myTectra
Best Embedded System Training in Bangalore by myTectraBest Embedded System Training in Bangalore by myTectra
Best Embedded System Training in Bangalore by myTectra
 
Machine Learning Based Botnet Detection
Machine Learning Based Botnet DetectionMachine Learning Based Botnet Detection
Machine Learning Based Botnet Detection
 
ACAT08_040
ACAT08_040ACAT08_040
ACAT08_040
 
Ccn aquestions jul_7_2015
Ccn aquestions jul_7_2015Ccn aquestions jul_7_2015
Ccn aquestions jul_7_2015
 
Common ASP.NET Design Patterns - Telerik India DevCon 2013
Common ASP.NET Design Patterns - Telerik India DevCon 2013Common ASP.NET Design Patterns - Telerik India DevCon 2013
Common ASP.NET Design Patterns - Telerik India DevCon 2013
 
OMG CORBA Component Model tutorial
OMG CORBA Component Model tutorialOMG CORBA Component Model tutorial
OMG CORBA Component Model tutorial
 
NetBrain CE 5.0
NetBrain CE 5.0NetBrain CE 5.0
NetBrain CE 5.0
 
Wang lab introduction_1204_2018
Wang lab introduction_1204_2018Wang lab introduction_1204_2018
Wang lab introduction_1204_2018
 
Forecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of ConceptForecast 2014: TOSCA Proof of Concept
Forecast 2014: TOSCA Proof of Concept
 
Amost 2011 keynote
Amost 2011 keynoteAmost 2011 keynote
Amost 2011 keynote
 
Annotation-Based Spring Portlet MVC
Annotation-Based Spring Portlet MVCAnnotation-Based Spring Portlet MVC
Annotation-Based Spring Portlet MVC
 
S02 hybrid app_and_gae_restful_architecture_v2.0
S02 hybrid app_and_gae_restful_architecture_v2.0S02 hybrid app_and_gae_restful_architecture_v2.0
S02 hybrid app_and_gae_restful_architecture_v2.0
 
StratusLab at FOSDEM'13
StratusLab at FOSDEM'13StratusLab at FOSDEM'13
StratusLab at FOSDEM'13
 

Más de butest

EL MODELO DE NEGOCIO DE YOUTUBE
EL MODELO DE NEGOCIO DE YOUTUBEEL MODELO DE NEGOCIO DE YOUTUBE
EL MODELO DE NEGOCIO DE YOUTUBEbutest
 
1. MPEG I.B.P frame之不同
1. MPEG I.B.P frame之不同1. MPEG I.B.P frame之不同
1. MPEG I.B.P frame之不同butest
 
LESSONS FROM THE MICHAEL JACKSON TRIAL
LESSONS FROM THE MICHAEL JACKSON TRIALLESSONS FROM THE MICHAEL JACKSON TRIAL
LESSONS FROM THE MICHAEL JACKSON TRIALbutest
 
Timeline: The Life of Michael Jackson
Timeline: The Life of Michael JacksonTimeline: The Life of Michael Jackson
Timeline: The Life of Michael Jacksonbutest
 
Popular Reading Last Updated April 1, 2010 Adams, Lorraine The ...
Popular Reading Last Updated April 1, 2010 Adams, Lorraine The ...Popular Reading Last Updated April 1, 2010 Adams, Lorraine The ...
Popular Reading Last Updated April 1, 2010 Adams, Lorraine The ...butest
 
LESSONS FROM THE MICHAEL JACKSON TRIAL
LESSONS FROM THE MICHAEL JACKSON TRIALLESSONS FROM THE MICHAEL JACKSON TRIAL
LESSONS FROM THE MICHAEL JACKSON TRIALbutest
 
Com 380, Summer II
Com 380, Summer IICom 380, Summer II
Com 380, Summer IIbutest
 
The MYnstrel Free Press Volume 2: Economic Struggles, Meet Jazz
The MYnstrel Free Press Volume 2: Economic Struggles, Meet JazzThe MYnstrel Free Press Volume 2: Economic Struggles, Meet Jazz
The MYnstrel Free Press Volume 2: Economic Struggles, Meet Jazzbutest
 
MICHAEL JACKSON.doc
MICHAEL JACKSON.docMICHAEL JACKSON.doc
MICHAEL JACKSON.docbutest
 
Social Networks: Twitter Facebook SL - Slide 1
Social Networks: Twitter Facebook SL - Slide 1Social Networks: Twitter Facebook SL - Slide 1
Social Networks: Twitter Facebook SL - Slide 1butest
 
Facebook
Facebook Facebook
Facebook butest
 
Executive Summary Hare Chevrolet is a General Motors dealership ...
Executive Summary Hare Chevrolet is a General Motors dealership ...Executive Summary Hare Chevrolet is a General Motors dealership ...
Executive Summary Hare Chevrolet is a General Motors dealership ...butest
 
Welcome to the Dougherty County Public Library's Facebook and ...
Welcome to the Dougherty County Public Library's Facebook and ...Welcome to the Dougherty County Public Library's Facebook and ...
Welcome to the Dougherty County Public Library's Facebook and ...butest
 
NEWS ANNOUNCEMENT
NEWS ANNOUNCEMENTNEWS ANNOUNCEMENT
NEWS ANNOUNCEMENTbutest
 
C-2100 Ultra Zoom.doc
C-2100 Ultra Zoom.docC-2100 Ultra Zoom.doc
C-2100 Ultra Zoom.docbutest
 
MAC Printing on ITS Printers.doc.doc
MAC Printing on ITS Printers.doc.docMAC Printing on ITS Printers.doc.doc
MAC Printing on ITS Printers.doc.docbutest
 
Mac OS X Guide.doc
Mac OS X Guide.docMac OS X Guide.doc
Mac OS X Guide.docbutest
 
WEB DESIGN!
WEB DESIGN!WEB DESIGN!
WEB DESIGN!butest
 

Más de butest (20)

EL MODELO DE NEGOCIO DE YOUTUBE
EL MODELO DE NEGOCIO DE YOUTUBEEL MODELO DE NEGOCIO DE YOUTUBE
EL MODELO DE NEGOCIO DE YOUTUBE
 
1. MPEG I.B.P frame之不同
1. MPEG I.B.P frame之不同1. MPEG I.B.P frame之不同
1. MPEG I.B.P frame之不同
 
LESSONS FROM THE MICHAEL JACKSON TRIAL
LESSONS FROM THE MICHAEL JACKSON TRIALLESSONS FROM THE MICHAEL JACKSON TRIAL
LESSONS FROM THE MICHAEL JACKSON TRIAL
 
Timeline: The Life of Michael Jackson
Timeline: The Life of Michael JacksonTimeline: The Life of Michael Jackson
Timeline: The Life of Michael Jackson
 
Popular Reading Last Updated April 1, 2010 Adams, Lorraine The ...
Popular Reading Last Updated April 1, 2010 Adams, Lorraine The ...Popular Reading Last Updated April 1, 2010 Adams, Lorraine The ...
Popular Reading Last Updated April 1, 2010 Adams, Lorraine The ...
 
LESSONS FROM THE MICHAEL JACKSON TRIAL
LESSONS FROM THE MICHAEL JACKSON TRIALLESSONS FROM THE MICHAEL JACKSON TRIAL
LESSONS FROM THE MICHAEL JACKSON TRIAL
 
Com 380, Summer II
Com 380, Summer IICom 380, Summer II
Com 380, Summer II
 
PPT
PPTPPT
PPT
 
The MYnstrel Free Press Volume 2: Economic Struggles, Meet Jazz
The MYnstrel Free Press Volume 2: Economic Struggles, Meet JazzThe MYnstrel Free Press Volume 2: Economic Struggles, Meet Jazz
The MYnstrel Free Press Volume 2: Economic Struggles, Meet Jazz
 
MICHAEL JACKSON.doc
MICHAEL JACKSON.docMICHAEL JACKSON.doc
MICHAEL JACKSON.doc
 
Social Networks: Twitter Facebook SL - Slide 1
Social Networks: Twitter Facebook SL - Slide 1Social Networks: Twitter Facebook SL - Slide 1
Social Networks: Twitter Facebook SL - Slide 1
 
Facebook
Facebook Facebook
Facebook
 
Executive Summary Hare Chevrolet is a General Motors dealership ...
Executive Summary Hare Chevrolet is a General Motors dealership ...Executive Summary Hare Chevrolet is a General Motors dealership ...
Executive Summary Hare Chevrolet is a General Motors dealership ...
 
Welcome to the Dougherty County Public Library's Facebook and ...
Welcome to the Dougherty County Public Library's Facebook and ...Welcome to the Dougherty County Public Library's Facebook and ...
Welcome to the Dougherty County Public Library's Facebook and ...
 
NEWS ANNOUNCEMENT
NEWS ANNOUNCEMENTNEWS ANNOUNCEMENT
NEWS ANNOUNCEMENT
 
C-2100 Ultra Zoom.doc
C-2100 Ultra Zoom.docC-2100 Ultra Zoom.doc
C-2100 Ultra Zoom.doc
 
MAC Printing on ITS Printers.doc.doc
MAC Printing on ITS Printers.doc.docMAC Printing on ITS Printers.doc.doc
MAC Printing on ITS Printers.doc.doc
 
Mac OS X Guide.doc
Mac OS X Guide.docMac OS X Guide.doc
Mac OS X Guide.doc
 
hier
hierhier
hier
 
WEB DESIGN!
WEB DESIGN!WEB DESIGN!
WEB DESIGN!
 

Live Investigation of Next Generation Botnets

  • 1. A System for Live Investigation of Next Generation Botnets Authors: Alden W. Jackson, David Lapsley, Christine Jones… CATCH 2009 Reporter: Jing Chiu Email: D9815023@mail.ntust.edu.tw Data Mining & Machine Learning Lab 04/26/10
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7. C&C Feature Space (cont.) Data Mining & Machine Learning Lab 04/26/10
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14. Questions? 04/26/10 Data Mining & Machine Learning Lab
  • 15. 04/26/10 Data Mining & Machine Learning Lab
  • 16. 04/26/10 Data Mining & Machine Learning Lab