SYS-CON MEDIA Authors: Mat Mathews, PR.com Newswire, David Smith, Tim Crawford, Kevin Benedict

News Feed Item

Arbor Networks’ Marc Eisenbarth and Jason Jones to Discuss Botnet Tracking and Intelligence Sharing at AusCERT 2014

Arbor Networks, Inc., a leading provider of DDoS and advanced threat protection solutions for enterprise and service provider networks, announced today that Marc Eisenbarth, Security Architect and Manager of Research for the Arbor Security Engineering and Response Team (ASERT) and Jason Jones, Security Research Analyst for ASERT, will be speaking at AusCERT 2014. During their joint presentation, they will draw on their experience in malware reverse engineering and botnet tracking to discuss the evolution of botnet tracking over time, sharing case studies from real-world attack scenarios. In a separate presentation later in the week, Marc Eisenbarth will share insight into how the ASERT team leverages ATLAS® data, the world's largest distributed honeynet made up of over 80 Tbps of global Internet traffic, to share actionable intelligence both with customers and with hundreds of CERT organizations around the world.

Separately at AusCERT, the ASERT team is also a finalist in the 2014 AusCERT Awards for Organizational Excellence. Winners will be announced on May 15, 2014 at the AusCERT 2014 Gala Dinner. Arbor will also be exhibiting at the show alongside local distributor Whitegold Solutions in their stand on the exhibitor floor.

“BladeRunner: Adventures in Tracking Botnets”

The problem of tracking botnets is not a new one, but still proves to be an important and fruitful research topic. ASERT has been tracking many botnets for years using an internally built tracking system, which has undergone a number of significant improvements and changes over the years. The basic tenet is a language for implementing botnet command-and-control mechanisms and tracking the resulting infiltrated botnets. This presentation will cover the evolution of this system, which offers a vignette of the evolution of the modern day botnet itself. With this historical backdrop, Marc and Jason will discuss ASERT’s current monitoring mechanisms and selected botnet family case studies, highlighting results - including correlations gleaned from data-mining the results and will conclude with offering a toolkit that allows others to conduct similar investigations.

WHEN:
Date: May 14, 2014
Time: 10:40 - 11:20
Location: Prince Room

WHERE:
AusCERT 2014
RACV Royal Pines Resort
Gold Coast, Australia

“ASERT: Internet-Scale Security”

Arbor Networks is a member of an elite group of institutions that might be referred to as "super remediators." This is a reflection of having both visibility and remediation capabilities at nearly every tier one operator and the majority of service provider networks globally. The Arbor Security Engineering and Response Team (ASERT) shares operationally viable intelligence with hundreds of international Computer Emergency Response Teams (CERTs) in an out-of-band manner, apart from the Arbor Networks product line. ASERT also provides this same data to thousands of network operators via in-band security content feeds. ASERT also operates ATLAS, the world's largest distributed honeynet, capturing 80 Tbps of global Internet traffic, or roughly one third of all Internet traffic. This brief talk outlines various datasets that ASERT maintains and offers some brief statistics and findings. Marc will discuss the high-level process in which ASERT derives actionable intelligence from these datasets and the following challenges in getting the data to the party capable of performing the most efficient remediation. This presentation will close by introducing various research problems ASERT is interested in solving and our current progress in these areas.

WHEN:
Date: May 15, 2014
Time: 13:30 - 14:10
Location: Norfolk Room

WHERE:
AusCERT 2014
RACV Royal Pines Resort
Gold Coast, Australia

For more information on ASERT, please visit the ASERT blog for regular insight into malware research, industry commentary and technical insight into breaking security events: http://www.arbornetworks.com/asert/

About Arbor Networks

Arbor Networks, Inc. helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver comprehensive network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and help reduce the risk to their business.

To learn more about Arbor products and services, please visit our website at arbornetworks.com. Arbor’s research, analysis and insight, together with data from the ATLAS® global threat intelligence system, can be found at the ATLAS Threat Portal.

Trademark Notice: Arbor Networks, Peakflow, ArbOS, ATLAS, Pravail, Arbor Cloud, Cloud Signaling, the Arbor Networks logo and Arbor Networks: Smart. Available. Secure. are all trademarks of Arbor Networks, Inc. All other brand names may be trademarks of their respective owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.