BlueHat Security Briefing: Fall 2014 Botintime Phoenix: DGA-based Botnet - Stefano Zanero
Play BlueHat Security Briefing: Fall 2014 Botintime Phoenix: DGA-based Botnet - Stefano Zanero
Description
Botintime - Phoenix: DGA-based Botnet Tracking and Intelligence
Its common knowledge that a malicious domain automatically generated will not become popular and also an attacker will register a domain with a Top Level Domain that does not require clearance. Hence, we use phoenix which filters out domains likely to be generated by humans. The core of Phoenix is its ability to separate DGA from non-DGA domains, using linguistic features.
Day:
1Download
Right click or Alt+Enter to download this episode
- MP3 (43.1 MB)
- Low Quality MP4 (99.7 MB)
- Mid Quality WMV (168.4 MB)
- Mid Quality MP4 (394.2 MB)
- High Quality WMV (514.3 MB)
rss