Project N.I.N.J.A.T.U.R.T.L.E.S.

Presented at Kernelcon 2022, April 1, 2022, 3:20 p.m. (20 minutes).

Let's stop some ransomware attacks! In this presentation, you'll hear our process from start to finish: planning, designing, and implementing an automatic adversary cyber killchain identification system, dubbed "Project N.I.N.J.A.T.U.R.T.L.E.S.". This presentation will go through attack mapping, using the MITRE ATT&CK framework, monitoring a test system with tools from the Windows SysInternals suite, and finally showcase what a *semi* finished product looks like in action.

Presenters:

• Benjamin McDaniel
  Ben is a freshman computer engineering student at Rose-Hulman Institute of Technology.

Links:

• https://www.youtube.com/watch?v=YXuzquBsTVg

Similar Presentations:

• BSidesDC 2019 / Keeping CTI on Track: An Easier Way to Map to MITRE ATT&CK
• BSidesSF 2022 Rescheduled / Threat hunting: Using MITRE ATT&CK against Carbanak malware
• Objective by the Sea version 4.0 (2021) / Becoming a Yogi on Mac ATT&CK with OceanLotus Postures