Tuesday, 5 December 2017 12:00 PM - 6:00 PM CET
Université de Montpellier, 14 rue Cardinal de Cabrières, Montpellier, Hérault, 34000, France
4 hours - Fully understanding a botnet often requires a researcher to go beyond standard reverse-engineering practice and explore the malware’s network traffic. The traffic can provide meaningful information on the evolution of a malware’s activity. However, it is often disregarded in malware research due to time constraints and publication pressures. The workshop is about overcoming such constraints by providing a powerful workflow for quick analysis of malicious traffic. The data science approach presented capitalizes on open-source tools (Wireshark/Tshark, Bash with GNU parallel) and valuable Python libraries (IPython, mitmproxy, pandas, matplotlib). During the workshop, participants will do practical technical labs with datasets from our recent botnet investigation. They will learn how to quickly find patterns, plot graphs and interpret data in a meaningful way. Although the exercises will focus on botnet data, the tools and skills learned will be useful to all sorts of
Cyber Threat Intel & Incident Response in 2017: MISP, TheHive & Cortex Overview; Installing & configuring the product stack; Bringing it all together; An IR case study; Dealing with notifications; How CTI feeds IR; How IR feeds CTI; The CTI-IR cycle: case study
The goal of this workshop is to present how to use Python for machine learning. We take examples of security data such as malware and explain how to transform the data so that machine learning algorithms can be applied to it. We detail the different algorithms and the libraries Scikit-learn and Tensorflow. The algorithms help to quickly cluster a malware database in order to create YARA signatures for use in Incident Response. The participants will work on a small dataset, develop some code based on these libraries and create a YARA signature.
This is a separate registration for attending workshops at Botconf 2017 (December 5th 2017 in Montpellier, France)
https://www.botconf.eu
International Botnet Fighting Association