4-8 Apr 2016
8 Feb 2016
Course dates may be changed until 3 months before the course
300€ (no fee for Sponsoring Nations)
This training is focused on malware reverse engineering and other methods applicable to botnet infiltration.
This very hands-on, 4.5-day intermediate course introduces state-of-the-art botnet concepts and teaches how the botnet threat can be countered. Since most modern botnets are designed as spyware, this course focusses on the detection of data exfiltration and modern IDS evasion techniques.
After an initial briefing on botnet concepts and structures, which also covers the history of botnets and their role in cyber conflict, first practical examples of simple botnet structures are demonstrated and tested in practice. Because modern botnets usually hide their traffic using blending and encryption techniques, concepts of crypto breaking and polymorphic blending attacks are introduced and demonstrated on recently detected malware samples such as Operation Red October, Zeus and Zero Access Botnet.
Finally, once botnet activity has been detected, the challenge of botnet infiltration is a botnet takeover, which requires a detailed understanding of the command-and-control functions implemented. In this course, we decode real botnet traffic and show the botnet C&C functionality by creating our own classroom botnet with the help of construction kits.
NB! Please be aware of the strong technical nature of this course; it is not intended for inexperienced IT security specialists.