Loading…
Botconf 2017 has ended
View analytic
Wednesday, December 6 • 16:45 - 17:15
Automation Of Internet-Of-Things Botnets Takedown By An ISP

Log in to save this to your schedule and see who's attending!

Feedback form is now closed.
For the past 12 months, the Internet-Of-Things botnets have made the headlines. Behind the media noise lies a threat that could be easily remedied by taking appropriate actions to discourage the herders which, most of the time, are kiddies. The latters often purchase the services of a third party to set up the Command & Control on dedicated servers and thus, have a strong potential to cause harm. The growing number of botnets made us reflect upon a workflow to contain the trend.

This presentation aims to show how easy it is to identify the Command & Controls of the Internet-of-Things botnets and how OVH implemented an automated workflow to search them out of its network. This workflow is currently running in production and is able to extract the Command & Control IP in 9 out of 10 cases. and could be easily implemented by other ISPs.

OVH is the third hosting company in the world, providing bare metal servers, cloud instances, web hosting, xDSL links, etc. Also known for having mitigated a Distributed Deny of Service attack above the symbolic terabits per second barrier issued by a MIRAI botnet, OVH is definitively committed to fight against botnets.

Speakers
avatar for Sébastien Mériot

Sébastien Mériot

Security Engineer - Anti-Abuse & Anti-Fraud department, OVH
Sébastien works as a security engineer in the security team of OVH. His work has been crucial to mitigate the 1 Tbps attack issued by a MIRAI botnet and to protect the OVH’s customers from the WannaCry outbreak.


Wednesday December 6, 2017 16:45 - 17:15
Corum Allée du Saint-Esprit, 34000 Montpellier, France