Cats and Mice - Ever evolving attackers and other game changers

Presented at BSidesLV 2015, Aug. 5, 2015, noon (25 minutes).

After a couple years working in various tech-related industries Eric found himself in the Social Networking world for seven years. About 2/3rds of the way into this position he split out a side project. This unique perspective gave him new insights into how to take some administrative duties and wrap them up into what became a semi-autonomous learning abuse mitigation system The project was designed to do what admins regularly do (manual mitigation of bad actors/persona non-grata). But with enough accuracy and performance the goals were loftier. Finding and acting on these elements before an admin even has to deal with them -- faster detection, and prevention, and mitigationtimes. Much introspection ensued. The mind re-thought and further re-though what sensory input it was able to use to *know* which users look bad but are not. Likewise, how to reproduce an electronic 'gut instinct' on the bad users. Attempts at solving this problem did not immediately proove easily. Furthermore, as the system adapted, so did the attackers.

Presenters:

  • Eric Kmetz
    Eric Kmetz is a Software Engineer that has had a long-running interest in InfoSec. His hacking interests have spanned across BBSes, Phone Conferences, IRC, and TCP/IP vulnerabilities. More recently he has used his skills to work on software with the intent of creating software that is more tamper-resistant. He's been attending DEFCON since 2003, as a Security Gooning for four of those years. In 2014 he went to his first BSidesLV and decided that it would be a great venue in which to give his first talk.

Links: