Signature-Based Detection Using Network Timing - Malware Traffic Analysis

Explore malware detection techniques in this DEF CON 32 conference talk focusing on signature-based detection through network timing analysis. Learn how to identify malicious network activity by examining the timing patterns between network transactions, rather than traditional methods that rely on code analysis, strings, or infrastructure. Discover practical approaches to processing packet data using Python and data science techniques to detect similar behavioral patterns in random network traffic. While the presentation delves into technical aspects of packet processing and data analysis, the concepts are explained in an accessible manner suitable for audiences of all technical backgrounds.