FloCon 2022 has ended
Back To Schedule
Wednesday, January 12 • 10:45am - 11:15am
Traditional and Advanced Techniques for Network Beacon Detection

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Software that calls home at a regular interval is referred to as “beaconing”. Beaconing can be similar to normal network traffic, but there is uniqueness that we can look for as part of threat hunt. Our particular focus is on the timing of the communications for a unique connection. Our work shows techniques for targeting the top candidates on a network that may be exhibiting beaconing behavior by using several machine learning clustering models on the communication delta times.

Attendees Will Learn:
Attendees will come to understand beaconing software, how to analyze the connections between machines using standard python machine learning libraries, and how to think about utilizing ML in general for their day-to-day operations.

avatar for Dustin Updyke

Dustin Updyke

Cybersecurity Researcher, CERT Division - SEI/CMU
Dustin Updyke is a Cybersecurity Researcher at the CERT Division of Carnegie Mellon University’s Software Engineering Institute. After previously serving with multiple industries in an array of technology roles, Dustin transitioned into security and now supports cyber workforce... Read More →
avatar for Tom Podnar

Tom Podnar

Cyber Security Engineer, CERT Division - SEI/CMU
Tom currently is a Cyber Security Engineer at the CERT division of SEI at Carnegie Mellon. He works with the United States Army researching, architecting, implementing, and delivering elite cyber warfare exercises. He also is an adjunct professor at La Roche University, where he teaches... Read More →

Wednesday January 12, 2022 10:45am - 11:15am EST