Profiling hackers: real data, real experiences, wrong myths

Raoul Chiesa UNICRI/ISECOM

Imagine being able to preview an attacker's next move based on the traces left on compromised machines. That's the aim of the Hacker's Profiling Project (HPP), an open methodology that hopes to enable analysts to work on the data (logs, rootkits and any code) left by intruders from a different point of view, providing them with a profiling methodology that will identify the kind of attacker and therefore his modus operandi and potential targets.

This paper will cover the following:

InfoSec - Information Security - what does it mean?
Cybercrime: how history can help us
Profiling the enemy: looking into the hacker's world
HPP: the Hacker's Profiling Project
What has changed?
References & books you should read

VB Conferences

VB2011 (Barcelona)

VB2010 (Vancouver)

VB2009 (Geneva)

VB2008 (Ottawa)

VB2007 (Vienna)

VB2006 (Montréal)

VB2005 (Dublin)

VB2004 (Chicago)

VB2003 (Toronto)

VB2002 (New Orleans)

VB2001 (Prague)

VB2000 (Orlando)

VB99 (Vancouver)

VB98 (Munich)

VB97 (San Francisco)

VB96 (Brighton)

VB95 (Boston)

VB94 (Jersey)

VB93 (Amsterdam)

VB92 (Edinburgh)

VB91 (Jersey)

‘VB is an excellent conference for networking.’

Poll

Do you use the same password(s) across multiple websites?

Leave a comment
View 4 comments

VB2010

VB2010 will take place 29 September-1 October 2009 at the Westin Bayshore, Vancouver, BC, Canada. Early bird discount available until 15th June 2010.

Virus Bulletin currently has 190,375 registered users.

Fighting malware and spam