Loading…
BruCON 0x05 has ended
This schedule is subject to change, check back regularly.
Registrations start at 8h30!
Workshop rooms in the location Novotel are 5 minutes walking from the main venue.
Workshop seats are limited to max 30 persons in rooms Orval, Chimay & La Trappe Seats will be on a first come first serve basis, please be there in time
back to BruCON web site.
TIP: to see as grid: click on the "Schedule button"  
Thursday, September 26 • 3:00pm - 4:00pm
Realtime analysis and visualization of internet status (Tiago Balgan Henriques, Tiago Martins, João Gouveia)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Nowadays, nearly everyday we see a new botnet going up and another one being brought down, looking at this fact the presenters of this talk decided that they needed a way to constantly know and visualize different botnet status. Then we decided we needed to go one step further,  and, not only understand how they were growing or shrinking, but to also capture patterns between the different machines that have been compromised and multiple proprieties of different botnets:

  • Which port(s) does a certain botnet use?
  • Which type of protocol?
  • What type of machine is it?
  • Is it a personal machine or a gateway with multiple machines behind it?
  • Is that machine affected by one or more botnets?

After we achieved this, we decided to create a fast and useful way to use this data, so we created what we call The Cyberfeed and Project Hyperion, which we will also be doing live demos of.

On the cyberfeed side you can access all of our data of all types from sinkholes, to portscans, and even honeypots and do different types of queries, allowing you to access only the data you need and want, combining all this it can provide you with useful information that can even be used in defense.

On Hyperion, is where our visual modules are located, you can easily get visual geospatial information about different botnets and search for information on our portscans.

Speakers
avatar for João Gouveia

João Gouveia

João Gouveia (CTO) & Co-founder of AnubisNetworks has specialized in the IT security field for over 13 years * Deep knowledge over the broad spectrum of the IT landscape security * Focused on understanding current and future threats and align technology strategy to come up with... Read More →
avatar for Tiago Balgan Henriques

Tiago Balgan Henriques

Tiago 'Balgan' Henriques currently is Security Lead at Centralway located in Zurich. At the university he did some part time lecturing on a different range of topics, from Computer Security, to Networking and Cryptography. His main interests are: Cryptography, Pentesting, Information... Read More →
avatar for Tiago Martins

Tiago Martins

Tiago Martins got his MSc in Computer Engineering at University of Lisbon in 2010 and has been working in Research and Development since 2009. Currently he’s working at AnubisNetworks where his main area of focus is Security Information and Event Management. His work involves the... Read More →


Thursday September 26, 2013 3:00pm - 4:00pm CEST
1 Westvleteren Aula Ghent