Presented at
Black Hat USA 2014,
Aug. 7, 2014, 5 p.m.
(25 minutes).
At the network layer, encrypted tunnels are typically seen as black boxes. Network traffic however, leaks side channel information that can often be analyzed to determine what the tunnel is being used for and the type of content being sent over it. Probabilistic algorithms will be explored that can analyze this side channel information and identify application protocols within the tunnel. An open-source toolkit containing the algorithms/attacks presented will be released.
Presenters:
-
Brandon Niemczyk
- HP
Brandon Niemczyk was born in Chicago. He has been writing code since he was a child with his first 386 modifying the QBASIC game gorillas.bas. He later moved on to write GIS software in Orlando, FL and then wandered into information security after a brief stint writing accounting software. His interests are machine learning, mathematics, motorcycles, games, reverse engineering, and family. Brandon has previously spoken at multiple conferences on machine learning and information security.
-
Prasad Rao
- HP, Security and Cloud Laboratories
Prasad Rao is a member of the Cloud and Security Labs (a part of HP Labs) with a focus on Security and Privacy. He develops graph algorithms, machine learning techniques and big data analytics techniques for security logs. Previously, he designed and implemented perimeter security analyzers for a systems of firewalls. He is the principal designer of the rule engine for the HP Privacy Advisor. Prior to HP Labs he worked in Telcordia Technologies on perimeter security enforcement and scheduling algorithms for dispatching technicians. As a PhD student, Prasad Rao built the core tabling engine of XSB prolog-- a free and open source Prolog and deductive database.
Links:
Similar Presentations: