Malware Cinema: A Picture Is Worth A Thousand Packets

No ratings

Presented at Blackhat Europe 2006 by

Gregory Conti

Security analysts and network administrators are faced with tremendous amounts of security related data. Unfortunately current tools quickly overwhelm us with too much or the wrong type of information. This talk explores solutions to this problem using carefully crafted security visualization systems that produce insightful images, animations and movies of security data. If properly constructed, the results can be dramatic and will help you quickly perform analysis and better communicate your results to clients, management and other analysts. This talk provides you with a security PVR (RUMINT) to record network traffic, play it back at a variety of speeds and identify events of interest via 20+ semantic visualizations.