Explore innovative machine learning techniques for detecting malicious infrastructure in HTTP responses during this 38-minute conference talk from the Hack In The Box Security Conference. Learn about two new feature extraction methods designed to hunt for anomalies and identify command and control (C&C) servers within large datasets of HTTP traffic. Examine the advantages and limitations of supervised and unsupervised learning approaches, and discover how uniqueness features and header order analysis can enhance detection capabilities. Gain insights into passive scanning techniques that allow for pre-breach identification of potential threats, and understand the implications for blue teams seeking to bolster network defenses against sophisticated attackers utilizing HTTP-based communication channels.
Overview
Syllabus
#HITBCW2021 D1 - Hunting For Malicious Infrastructure Using Big Data by Freek Bax And Shadi Alhakimi
Taught by
Hack In The Box Security Conference
Related Courses
-
Simulating Execution in Malicious Text Detection
-
Hunting for Backdoors in IoT Firmware at Unprecedented Scale
-
Bad Neighborhoods – Data-Driven Detection of Malicious Internet Infrastructure
-
Using Machine-Learning to Investigate Web Campaigns at Large
-
Scare - Static Code Analysis Recognition Evasion
-
Embracing the Uncertainty of Attacks with Big Data Analytics
