Profiling hackers: real data, real experiences, wrong myths

Raoul Chiesa UNICRI/ISECOM

Imagine being able to preview an attacker's next move based on the traces left on compromised machines. That's the aim of the Hacker's Profiling Project (HPP), an open methodology that hopes to enable analysts to work on the data (logs, rootkits and any code) left by intruders from a different point of view, providing them with a profiling methodology that will identify the kind of attacker and therefore his modus operandi and potential targets.

This paper will cover the following:

  • InfoSec - Information Security - what does it mean?
  • Cybercrime: how history can help us
  • Profiling the enemy: looking into the hacker's world
  • HPP: the Hacker's Profiling Project
  • What has changed?
  • References & books you should read

 del.icio.us  digg this! digg this

Quick Links

Poll
The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Yes
No
I don't know
Leave a comment
View 11 comments

99 Subscription Promo

Jobs
In Virus Bulletin's jobs pages among others:

Virus Bulletin currently has 224,240 registered users.