Description: Blue Coat's daily traffic logs show the results of 75 million end users inadvertently surfing for malware on the Web. Much of that malware comes from large, well-organized Malware Delivery Networks (malnets). These malnets can be mapped and then tracked, greatly improving the detection rates for new malware. The process of mapping and tracking has involved the creation of several custom tools. One of these tools takes a list of malicious sites and referrers as input, and produces both static and animated network graphs of the sites and their relationships. We will discuss how the data is collected, but mostly focus on the challenges of building software that can smoothly animate the life of a malnet.
Tim, Jon, and Chris are engineer/researchers on Blue Coat's malware research team, where they look for malware on the Web and then build tools to do the looking for them. They spent a good part of the last year playing around with ways to represent malware delivery networks (malnets) visually, first in static network graphs and then in animated time-lapse videos. They thought the results were cool enough to share.