By Business Wire
August 9, 2013 09:00 AM EDT
Damballa, the experts in advanced threat protection, today announced that Researcher Terry Nelms will present “ExecScent: Mining for New Command and Control Domains in Live Networks with Adaptive Control Protocol Templates” on Friday, August 16, from 11:30 a.m. – 12:00 p.m. during the USENIX Security Symposium.
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security of computer systems and networks.
The presentation, based on the research paper co-authored by Nelms; Roberto Perdisci, University of Georgia and Georgia Institute of Technology; and Mustaque Ahamad, Georgia Institute of Technology and New York University Abu Dhabi, will discuss ExecScent, a novel system that aims to mine new, previously unknown command and control (C&C) domains from live enterprise network traffic. ExecScent automatically learns control protocol templates (CPTs) from examples of known C&C communication. These CPTs are then adapted to the background traffic of the network where they are deployed, resulting in hybrid templates that can self-tune and thus yield a better tradeoff between true and false positives for a given network environment.
The 22nd USENIX Security Symposium will take place August 14-16 from 9:00 a.m. to 5:30 p.m. at the Hyatt Regency Washington on Capitol Hill in Washington, DC. The full agenda can be found at: https://www.usenix.org/conference/usenixsecurity13/glance
Session: ExecScent: Mining for New Command and Control Domains in Live Networks with Adaptive Control Protocol Templates
Friday, August 16, 2013
Terry Nelms, Researcher, Damballa
22nd USENIX Security Symposium
As the experts in advanced threat protection, Damballa discovers active threats that bypass all security prevention layers. Damballa identifies evidence of malicious network traffic in real time, rapidly pinpointing the compromised devices that represent the highest risk to a business. Our patent-pending solutions leverage Big Data from the industry’s broadest data set of consumer and enterprise network traffic, combined with machine learning, to automatically discover and terminate criminal activity, stopping data theft, minimizing business disruption, and reducing the time to response and remediation. Damballa protects any device or OS including PCs, Macs, Unix, iOS, Android, and embedded systems. Damballa protects more than 300 million endpoints globally at enterprises in every major market and for the world’s largest ISP and telecommunications providers. For more information, visit www.damballa.com, or follow us on Twitter @DamballaInc.