Presentations about Bitscout at HiTB 2017 in Singapore
Written by Vitaly Kamluk
2 minute read
Speaker: Nicolas Collery
Has it ever happened to you on a Friday afternoon, just before closing your laptop, tidying your desk before a long weekend? A weekend that indeed looks now very long in perspective? A server disappeared! A network device that blinks mysteriously and frantically like a Christmas tree. No clues yet to be found? Feeling like calling Watson? Call no one but become Sherlock himself to uncover the truth!
This session will reveal some of Moriarty’s machinations and some cyber forensics techniques you can use to identify all the clues left over and finally solve the puzzle quickly (before your weekend runs over). Some of the tools of deduction will include:
Speaker: Vitaly Kamluk, Wayne Lee
Our talk will focus on challenges of cyberattack investigation, explain why we have constantly emerging level of cybercrime worldwide and propose a solution to increase efficiency of future cyberattack investigators.
Our presentation includes technical details and architecture of a tool that we use to conduct remote digital forensic analysis. Moreover, not only we reveal the internals of the tool, but will introduce a way to build your own tool for remote incident analysis. Our solution is an open-source constructor of Live OS environment that can suite such needs. While it is fully open-source and non-binary code, it introduces several novel approaches that are based on combination of existing techniques from the domain of free and open-source software.
The presentation includes a live demo of using the tool to analyze a remote infection in forensically sound manner. The infected machine will have a combination of multiple world class targeted attack malware (including kernel mode rootkit) and techniques deployed on a single host to complicate such analysis. We will announce public availability of free Live OS constructor code and invite volunteer contributors to the project. A new Live OS that we will use for the demo will be built live on stage during our talk.
If you find any bugs or problems with the project, please open an issue over on Github.
GithubFeel free to tweet at me if you have suggestions for Bitscout. Or if you just want to say hi.
Twitter