Laurent Oudot (Founder, TEHTRI-Security)

Presentation Title: Analyzing Massive Web Attacks
Presentation Abstract

The goal of this talk is to take a deep look at some recent web attacks that occurred over the Internet, especially those that were used to target a huge number of people. Thanks to special forensics operations, we will be able to present code used by attackers to gain access, to keep control, and to commit cyber crimes. For example, we will take real code and logs dealing with attacks that targeted some well-known web services like Facebook, Paypal, etc.

1 – The art of massive web compromise
2 – The threats
- 2a: Targeting the internet end users
- 2b: Targeting random web servers
- 2c: Hiding such evil activities

3 – The Counter-Measures
- 3a: Detection (improving web based intrusion detection)
- 3b: Protection/Containment (improving hardening of web servers)
- 3c: Active Response (identify the attackers, identify the human targets, counter-attack…)

Real code and real fingerprints (evil unknown web traffic) used by attackers in recent attacks will be used to analyze what really happens in the underground (getting access, compromising humans, cleaning fingerprints (automatic, old school like rootkits, etc.)).

About Laurent Oudot

Laurent is a French senior IT Security consultant, who founded TEHTRI-Security in 2010. Over the last 15 years, he has been hired as a security expert to protect and pentest networks and systems of highly sensitive places like the French Nuclear Warhead Program, the French Ministry of Defense, the United Nations, etc.

He has been doing research on defensive technologies and underground activities, handling numerous security projects, and he was a member of team RstAck and of the Steering Committee of the Honeynet Research Alliance. Laurent has been a frequent presenter or instructor at computer security and academic conferences like Cansecwest, Pacsec, Black Hat USA-Asia-Europe, Defcon, Hack In The Box Europe-Asia-Dubai, US DoD/DoE, SyScan China-Singapore-Vietnam, Hope, Honeynet, PH-Neutral, Hack.LU, as well as a contributor to several research papers for SecurityFocus, MISC Magazine, IEEE, etc.