Investigating DDoS - Architecture, Actors, and Attribution

Thursday, October 20, 2016

11:00 AM - 12:00 PM PDT

60 minutes, including Q&A

Investigating DDoS - Architecture, Actors, and Attribution by Allisson Nixon and Andre Correa
Common Misconceptions About The Modern Day DDoS Attack by Tom Bienkowski

DDoS attacks are one of the major threats to enterprises worldwide in terms of both attack volume and frequency. Presenters will discuss a number of novel techniques utilized to measure, study, and attribute attacks originating from sources such as embedded device botnets and booter/stresser services. They will also examine the usage of honeypots to gather historical attack details. Representative PCAPs will be shown, dissected, and explained. Finally, presenters will provide examples of where these services are offered for sale, how they are purchased and operated.

Brought to you by:

Arbor Networks


Andre Correa

Andre Correa

Andre Correa is an Information Security and Threat Intelligence Professional whose qualifications include in-depth knowledge of Internet technologies, current cyber security landscape, incident response, security mechanisms and best practices. He is Co-Founder of Malware Patrol (malwarepatrol.net) and actively studies the evolving tactics employed by DDOS practitioners. Andre is a certified CISSP. He holds a Bachelor of Marketing and Sales Management and Bachelor of Science in Physics. Andre is fluent in English and Portuguese.

Allison Nixon

Allison Nixon

Allison Nixon is a threat researcher, verifier of leaks, and hunter of humans. She has been a background source for numerous investigations and articles that focus on the post-breach issue of "who dunnit?". She performs original threat research and is at the forefront of answering questions that people have not yet thought to ask. In 2013, she spoke at Blackhat about bypassing DDOS protection. In 2014, she released a paper detailing methods for vetting leaked data. She has been looking into the issue of "booters" and DDOS services. She researches DDOS attribution, cybercrime attribution, and criminal communities. In her spare time she grows tomatoes and makes puns.

Sponsor Presenter:

Tom Bienkowski

Tom Bienkowski

Tom has been in the network and security field for over 20 yrs. During this time he worked for large enterprises as a Network Engineer and for multiple network management and security vendors where he has had roles in Sales Engineering /Management, Technical Field Marketing and Product Management. Currently at Arbor Networks he is the Director of Product Marketing focusing on the fixed and mobile Service Provider markets.

Sustaining Partners