Botnet Network Data Analysis Using Open-Source Tools

Conference:  RSA Conference 2021



Learn how to quickly gain insights from real-life malicious botnet network traffic. In this Lab, participants will build a workflow using open source tools to efficiently find behavioral patterns behind a botnet known to have contributed to social media fraud. Analyze, filter, extract and visualize 3.9M packets using Wireshark, Tshark, Jupyter, Python, Pandas and hvPlot. This session will follow Chatham House Rule to allow for free exchange of information and learning. We look forward to participants actively engaging in the discussion, and remind attendees that no comment attribution or recording of any sort should take place. Pre-Requisites: Python, TCP/IP networking, Wireshark This is a capacity-controlled session. If added to your schedule and your availability changes, please remove this session from your schedule to allow others to participate.