Innovative techniques for detecting botnet and other attacks. Dr. Adrian Winckles (Anglia Ruskin University)
This talk highlights novel techniques for botnet and other attack detection without the need to capture and store the whole packet. Many organisations collect “data mountains” of PCAP data and never actually do any analysis with it or even know what data they might need. Imagine how this situation might be improved if the data the organisation needed could be indexed?
Adrian Winckles is Director for the Cyber Security & Networking Research Group and Security Researcher at Anglia Ruskin University. He is OWASP Cambridge Chapter Leader, OWASP Europe Board Member and is involved in rebooting the Cambridge Cluster of the UK Cyber Security Forum. His security research programs include (in)security of software defined networks/everything (SDN/SDx), novel network botnet detection techniques within cloud and virtual environments, distributed honeypots for threat intelligence, advanced educational techniques for teaching cybercrime investigation and virtual digital crime scene/incident simulation. He has successfully completed a contribution to the European FP7 English Centre of Excellence for Cybercrime training, research and education (ECENTRE). He is Chair of the BCS Cyber Forensics Special Interest Group. Adrian is also CTO for Botprobe, an intelligent threat data capture startup.