Loading…
This event has ended. Create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, May 21 • 4:10pm - 4:50pm
Detecting targeted cyber attacks in the cloud

Sign up or log in to save this to your schedule and see who's attending!

These days, we see an increasing number of cyber-attacks affecting both public and private clouds. According to reports by antivirus companies, clouds can be used by botnets as well as by special services or cyber criminals to run targeted attacks with the purpose of collecting sensitive information in enterprise networks or government institutions.

Current detection security measures often fail because targeted attacks use malicious code, known as 0-day exploits, to expose unknown system vulnerabilities, penetrate network security, and proliferate. Advanced Persistent Threats (APT), in which the attacker tries not to attract too much attention so its spy agents can keep operating without generating a signature for automatic threat detection, can go undetected for years. For example, cyber-attacks NetTraveler, Regin, and TeamSpy were in operation for nine years before antivirus detection.

This presentation will cover:

  • An overview of targeted attacks, based on real life examples such as Cloud Atlas, CosmicDuke, and other attacks in the wild

  • How to mine network Indicators of Compromise (IoC) to detect infection

  • How to use an Intrusion Detection System (IDS) in the cloud to detect network traffic anomalies peculiar to targeted cyber-attacks

By the end of this session, attendees will understand the specifics of targeted cyber attacks and be able to detect APTs or general purpose malware activity in their own cloud networks by using an intrusion detection system.

Speakers
avatar for Alexander Adamov

Alexander Adamov

Mirantis Technical Writing Team Leader, Mirantis
Alexander Adamov, Security Officer at Mirantis, moved into cloud from information security, with more than nine years’ experience in the antivirus industry working for Kaspersky Lab and Lavasoft. Alexander is also a university lecturer developing new courses for EU universities, presenting lectures and trainings that address network security, reverse engineering, and malware analysis simultaneously. At present he is researching a PhD project... Read More →


Thursday May 21, 2015 4:10pm - 4:50pm
Room 118/119/120

Attendees (210)