A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Abnormal Behavior Detection in Large Environments - Dave Kennedy GrrCON 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Abnormal Behavior Detection in Large Environments
Dave Kennedy
GrrCON 2016

@HackingDave

Attack patterns are something that when it occurs is extrinsic (not natural) behavior in a infrastructure. Understanding what attack patterns look like and building an understanding of how to detect them with what you already have is possible. Most preventative technology tries in some extent to detect extrinsic behavior in an environment but falls short because of the continual changes in attack patterns and commoditized detection (sigs, etc). This talk dives into looking at what you already have in your infrastructure that you can use for intrinsic (natural) detection capabilities that doesn?t rely on a specific signature, but more so on how attackers go after an organization. As an industry, we need to be detecting the extrinsic occurrences in our networks which exhibit abnormal behavior. During this presentation, we?ll be covering a large percentage of techniques used by attackers, and how to detect them with what you currently have in place at your organization today.

Back to GrrCON 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast