conf.directory

DEF CON 32 - Signature-Based Detection Using Network Timing - Josh Pyorre

Josh PyorreDEF CON
42:43
0 views
Published October 16, 2024

About this talk

Malware traffic is commonly identified using signatures based off its code, strings, and associated network infrastructure. However, it's also possible to build signatures from the timing between network transactions. This presentation will explore using network captures of known malicious network activity to find similar behavior in random traffic. The talk is technical as it involves processing packets with Python and a some data science, but will be presented in a way that anyone should be able to understand and enjoy.

Topics covered

Network traffic analysis
Signature-based detection
Malware analysis
Python
Data Science

Stay Updated

Get notified about new features and conference additions.

Related Talks

The Art of Code - Dylan Beattie
01:00:49

The Art of Code - Dylan Beattie

Dylan Beattie
NDC Conferences
4,796,409 views
February 26 2020
Watch Now
What the heck is the event loop anyway? | Philip Roberts | JSConf EU
26:53

What the heck is the event loop anyway? | Philip Roberts | JSConf EU

Philip Roberts
JSConf EU
3,551,387 views
October 9 2014
Watch Now
Expert Talk: DevOps & Software Architecture • Simon Brown, Dave Farley & Hannes Lowette • GOTO 2021
39:51

Expert Talk: DevOps & Software Architecture • Simon Brown, Dave Farley & Hannes Lowette • GOTO 2021

Simon Brown, Dave Farley & Hannes Lowette
GOTO Conferences
3,109,641 views
February 15 2022
Watch Now
DEF CON 32 - Signature-Based Detection Using Network Timing - Josh Pyorre by Josh Pyorre | conf.directory | conf.directory