Network Traffic Analysis using Deep Packet Inspection and Data Visualization (SHA2017)
Eventpad: the Sublime editor for network traffic
Chaos Computer Club - SHA2017: Still Hacking Anyway (mp3) · ArrayX
August 5, 201724m 56s
Audio is streamed directly from the publisher (cdn.media.ccc.de) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
For the protection of (critical) infrastructures against complex virus attacks, deep packet inspection is unavoidable. In our project SpySpot we are developing new tools and techniques to assist analysts in gaining insight and reverse engineering WireShark PCAP files. In this talk we present and demo a new data visualization system Eventpad to study PCAP traffic by visualizing patterns according to user-defined rules. We illustrate the effectiveness of the system on real-world traffic including VoIP communication and Ransomware activity in file systems.
#NetworkSecurity #DeviceSecurity
about this event: https://c3voc.de
Topics
SHA2017369