Overview
Explore a groundbreaking approach to cybersecurity in this 50-minute Black Hat conference talk that challenges conventional detection methods. Discover how to identify unknown malicious activities using standard device logs from proxies and firewalls, without relying on dedicated attack detection systems. Learn about innovative techniques such as C2 Savage Detection, C2 Server Detection, and the transformation of logs into images for analysis. Delve into the application of Recurrent Neural Network models and formal methods to enhance threat detection capabilities. Gain insights from cybersecurity experts Hiroshi Suzuki and Hisao Nashiwa as they present their research on overcoming limitations in pattern matching, blacklists, behavioral analysis, and event correlation.
Syllabus
Introduction
Existing Detection Methods
C2 Savage Detection
C2 Server Detection
Converting Logs into Images
Data Sets
Models
Summary
Existing Methods
Formal Method
Content Type Transition
Recurrent Neural Network Model
Presentation Summary
Questions
Taught by
Black Hat