November 16, 2013

Offensive Anti-Botnet: So you want to take over a botnet... - February 16th, 2014

Event: Offensive Anti-Botnet: So you want to take over a botnet...
When: Sunday, 2014-02-16, 2-3:30pm
Speaker: Dave Dittrich
Cost: Free
Talk: 2pm - 3:30pm
Where: 17725 NE 65th St A-155, Redmond, WA 98052

The Event

Computer criminals regularly construct large distributed attack networks comprised of many thousands of compromised computers around the globe. Once constituted, these attack networks are used to perform computer crimes, creating yet other sets of victims of secondary computer crimes, such as denial of service attacks, spam delivery, theft of personal and financial information for performing fraud, exfiltration of proprietary information for competitive advantage (industrial espionage), etc.

The arms race between criminal actors who create and operate botnets and the computer security industry and research community who are actively trying to take these botnets down is escalating in aggressiveness. As the sophistication level of botnet engineering and operations increases, so does the demand on reverse engineering, understanding weaknesses in design that can be exploited on the defensive (or counter-offensive) side, and the possibility that actions to take down or eradicate the botnet may cause unintended consequences.

This talk will look at some of the motivations for taking aggressive "self-defense" actions, along with the ethical issues involved and how to think about them, examine some recent botnet takedown actions and their side effects, and provide personal opinions on what the security research and operations communities should consider on the path forward.

About the Speaker

Dave Dittrich is a Principal Software Engineer with the Applied Physics Laboratory at the University of Washington. He has been involved in investigating and countering computer crimes going back to the late 1990s. Dave was the first person to describe the technical details of DDoS attack tools in 1999, was an early researcher into bots and botnets, and one of the first to study P2P for botnet command and control. Dave has pushed the limits, but he tries to do it in a way that is ethically defensible. He has written extensively on ethics and the "Active Response Continuum," serves on one of the UW's Institutional Review Boards evaluating human subjects research, and he and Erin Kenneally recently co-authored the Department of Homeland Security document, "The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research."